Ethical hacking


Published on

This Illustrates the basics of Ethical Hacking.

Published in: Education, Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Ethical hacking

  1. 1. ETHICAL HACKINGETHICAL HACKING What is Ethical Hacking? Myths and Misconceptions about ethical hacking What are the steps to be followed? Types of Ethical Hacking Is Ethical Hacking useful? Shield yourself from hackers QUERIES THANK YOU
  2. 2. SOME PREREQUESTIESSOME PREREQUESTIES  IP Address: Unique identity address given to a computer on net  Cookie is is usually a small piece of data sent from a website and stored in a user's web browser while a user is browsing a website  Trojan A program that appears legitimate, but performs some illicit activity when it is run. It stays in the computer doing its damage or allowing somebody from a remote site to take control of the computer.  MALWARE malware refers to software programs designed to damage or do other unwanted actions on a computer system.
  3. 3. “ETHICAL HACKING” means finding loop holes in system with permission from the owner of the system(database,email,website) It may be database,email,website Ethical Hacking involves conducting security Audits,vulnerabilites,assessment and testing
  4. 4. It is a cyber crime It is useless Hacking fetches no salary We cant ensure safety to our system with hacking --------------------------------------------- It is not a crime and is useful Hackers own a lot of salary Hacking is used to guard our system by detecting flaws in our system Myths and Misconceptions about ethical hackingMyths and Misconceptions about ethical hacking
  5. 5. What are the steps to be followed?What are the steps to be followed? Scanning (finding folders , servers) Gaining Access(It includes finding username, password etc.) Maintaining Access(Control over the control panel of the site) Clearing Tracks(Removing cookies, changing ip address) Reconnaissance(Verify all the steps and detect whether there are still any flaws)
  6. 6.  WEBSITE HACKING  EMAIL HACKING  SOCIAL NETWORK SITES HACKING  ATTACKS involved are  SQL INJECTION(using ‘ and finding vulnerabilities)  ASP/ASPX INJECTION(similar to SQL)  PHISHING ATTACK(Creating a duplicate page and code changing)  STORED XSS(a cookie grabbing technique)  TROJAN ATTACK(software that appears to perform a desirable function for the user prior to run or install, steals information or harms the system TYPES AND ATTACKSTYPES AND ATTACKS
  7. 7. SQL INJECTIONSQL INJECTION Find whether link has .php?id=6 then place ‘ If blank page occurs then we can hack that site Now remove the quote and add order by n-- where n is no.of link Now find the database For user name and password the code is  union all select 1,2,user_name,4,5,6 from trs_users union all select 1,2,user_password,4,5,6 from trs_users
  8. 8. ASP/ASPX INJECTIONASP/ASPX INJECTION Find whether link has .php?id=6 then place ‘ Instead of order by n– change that part as 1=convert(int,select toptable_name from information_schema.table) Follow as sql except order by n– You will get database ,username and password Filter is used to block the site when there are words like order by etc That’s why we use above code
  9. 9. PHISHING ATTACKPHISHING ATTACK This is the most easiest and highly dangerous attack for email hacking We develop a fake page of a site with user name, password columns and upload with hacking code into the site Unknowingly the victim enter his user name and password which we can see in our site This is the most common attack to hack emails , facebook accounts
  10. 10. Is Ethical Hacking useful?Is Ethical Hacking useful? We can detect flaws in database/server by hacking TESTING is less efficient than ETHICAL HACKING for web based servers Depending on the attack(sql/asp injections)we can rectify We can increase Cyber protection
  11. 11. Delete cookies the moment you close your browser Never click unwanted links If you are using Mozilla Firefox then use start private browsing Lock the cookies Detect the real and fake pages of the site Use a good antivirus which can detect Trojans