• To understand the world of hacking learn Hack Simulation
Game as : Follow a map, Choose the Server to enter in a
system, Crack the password and within a time limit garb the
information, send virus, delete/steal files before you are
• Many security experts encourage organizations to hire ethical
hackers to test their networks. Pathfinder aims to grab these
• Ethical Hacking Organizations are increasingly, evaluating
the success or failure of their current security measures
through use of ethical hacking processes and techniques.
India Ranks 5 in Reporting Cyber
India ranks fifth among countries reporting the maximum number of
cyber crimes, as the latest report released by Internet Crime Complaint
Centre of the United States.
Cyber crimes record 50% rise in India.
The United States led the tally of victims complaints, while India
remained at fifth by reporting 0.36% of the global complaints received
at IC3 which was about 1,000 complaints, the data said.
Majority of the fraudsters on the information highway, this year,
resorted to the trick of selling products online but not delivering it to
buyers who had already made payments.
It remained the most adopted method to cheat during the year with
33% of internet crimes of this nature being reported, according to the
Recent Cyber Cases
• Andhra Pradesh Govt websites hacked on Feb 17, 2012, Some
Bangladeshi hacking groups are suspected to be behind the
• Trinamool Congress website hacked by Bangladeshi hackers
on 15 Feb 2012.
• Online store of Microsoft India was hacked by Chinese
Hackers on 13 Feb 2012.
• 5 Million of Android phone infected by virus
The malware is embedded into various apps in the Android
Market and once downloaded, launch services that send
information from the device, such as MAC Address, SIM
Serial, IMEI, and IMSI, back to the malicious host.
How Windows NT Save User Password
New user when creating an account on
Like a user name : (Sheela)
password : (barbie.doll)
It will stored on SAM in hashes formats you can not
read , rename or delete .
Oph crack his
own data base
of hashes and
stored in form of
Windows Password Cracked by Booting the Computer
from the Windows Live Disk
password with his
OPH crack example
Session High Jacking
In computer science, session hijacking is the exploitation of a
valid computer session—sometimes also called a session key—to
gain unauthorized access to information or services in a computer
system. In particular, it is used to refer to the theft of a magic
cookie used to authenticate a user to a remote server. It has
particular relevance to web developers, as the HTTP cookies used
to maintain a session on many web sites can be easily stolen by an
attacker using an intermediary computer or with access to the
saved cookies on the victim's computer ( HTTP cookie theft).
• Facebook session high jacking
• Orkut session high jacking
MS Windows Link File CVE-2010-2568
• This attack could pose a serious security threat. You should
take immediate action to stop any damage or prevent further
damage from happening. Description
• This signature will detect attempts to exploit a remote code
execution vulnerability in Microsoft Windows Shortcut 'LNK'
• Microsoft Windows is prone to a vulnerability that may allow a
file to automatically run because the software fails to handle
'LNK' files properly.
Microsoft Windows Attack
• Specifically, the issue occurs when loading the icon of a
shortcut file. A specially crafted 'LNK' file can cause Windows
to automatically execute code that is specified by the shortcut
• NOTE: This issue is being exploited in the wild as malware
This issue affects Microsoft Windows XP, Windows Vista,
Windows 7, Windows Server 2003, and Windows Server 2008.
Microsoft Windows Attack
Method 1 cont.….
Microsoft Windows Attack
Meta sploit Attack
Microsoft windows shell code execution
This module exploits a vulnerability in the handling of Windows
Shortcut files (.LNK) that contain an icon resource pointing to a
malicious DLL. This module creates a WebDAV service that can
be used to run an arbitrary payload when accessed as a UNC path
Steganography (computer science) The art and science of hiding a message in a
medium, such as a digital picture or audio file.
is the hiding of a secret message within an ordinary message and the extraction
of it at its destination
Become A Security Expert
• Cyber security professional
• Information Security Professional
• IS Executive
• Information System Auditor
• Security Advisors
• Software developers
• IT specialists
• IT system executives
• IT consultants
• Assistant Software Engineer
• Software Test Engineer
• R&D Executive
• Security Consultant
• System Engineer
• Network Engineer
• Network Administrator and many more…sector.
The Appin Pathfinder prepares you for numerous career opportunities. If you've ever
wondered what you can become, here are some answers.
These are the career profiles chosen by students immediately after their schools and are
earning huge packages despite of their age and less experience. Thousands of our students
have been placed with many top companies in IT and security