Ethical Hacking
- 1. Ethical hacking SHOULD WE FEAR HACKERS? INTENTION IS AT THE HEART OF THIS DISCUSSION. -KEVIN MITNICK
- 2. INTRODUCTION “Hacking involves a different way of looking at problems that no one's thought of." -Walter O'Brien Hacking generally refers to unauthorized intrusion into a computer or a network. The person engaged in hacking activities is known as a hacker. This hacker may alter system or security features to accomplish a goal that differs from the original purpose of the system.
- 3. Hacker v/s Ethical Hacker A white hat or ethical hacker is a computer security specialist who breaks into protected systems and networks to test and asses their security. White hat hackers use their skills to improve security by exposing vulnerabilities before malicious hackers (known as black hat hackers) can detect and exploit them. Although the methods used are similar to those employed by malicious hackers, white hat hackers have permission to employ them against the organization that has hired them.
- 5. Steps of Ethical Hacking Scanning Gaining Access Elevating Privileges Maintaining Access Clearing Tracks Documenting Everything.
- 6. Scanning Reconnaissance refers to the preparatory phase where an attacker seeks to gain information about a target prior to launching an attack. Could be the future point of return, noted for ease of entry for an attack when more about the target is known of a broad scale. Reconnaissance range may include the target organization's clients, employees, operations, networks and systems.
- 7. Tools used 1) WHOIS? 2) OSINT Framework 3) ZENMAP
- 8. Gaining Access •After scanning, the hacker designs the blueprint of the network of the target with the help of data collected during Scanning. This is the phase where the real hacking takes place. Vulnerabilities discovered during the reconnaissance and scanning phase are now exploited to gain access. The method of connection the hacker uses for an exploit can be a local area network (LAN, either wired or wireless), local access to a PC, the internet or offline. •Examples include stack based buffer overflows, denial of service (DoS), and session hijacking. Gaining access is known in the hacker world as owning the system.
- 9. Tools Used 1) Metasploit 2) John the Ripper 3) SE Toolkit
- 10. Elevating Privileges 1. We have to check the privileges that the logged in user has and if any other user is also logged into the system. 2. We can steal the credential of a logged in user, a previous user, or simply crack the password.
- 11. Maintaining Access •Once a hacker has gained access, they want to keep that access for future exploitation and attacks. •They can maintain control over “their” system for a long time by “hardening” the system against other attackers, and sometimes, in the process, do render some degree of protection to the system from other attacks. They can then use their access to steal data, consume CPU cycles, and trade sensitive information or even resort to extortion.
- 12. • When the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system. •For instance, the attacker can implement a sniffer to capture all network traffic, including telnet and ftp sessions with other systems.Attackers can use Trojan horses to transfer user names, passwords, and even credit card information stored on the system.
- 13. Tools Used 1) Backdoors 2) Rootkit 3) Trojan Horse
- 14. Clearing Tracks •Erasing evidence of a compromise is a requirement for any attacker who wants to remain obscure and evade trace back. 1. This usually starts with erasing the contaminated logins and any possible error messages that may have been generated from the attack process. 2. Attention is turned to affecting changes so that future logins are not logged. By manipulating and tweaking the event logs, the system administrator can be convinced that the output of her system is correct and no intrusion or compromise actually took place. •The first thing a system administrator does to monitor unusual activity is check the system log files, it is common for intruders to use a utility to modify the system logs. In some extreme cases, rootkits can disable logging altogether and discard all existing logs. This happens if the intruders intend to use the system for a longer period of time as a launch base for future intrusions. They remove only those portions of logs that can reveal their presence.
- 15. Tools Used 1) CCleaner 2) PrivaZer 3) BleachBit
- 16. Documenting Every step of an attack, or the entire Ethical Hacking process, has to be noted and labeled stepwise. Every detail, difficulty and vulnerability has to be informed about to the target(parent company). This is the point where the Hacker has the option to suggest or withhold any useful tips or ideas he might have, for or irrespective of an incremental bonus.
- 17. Some Attacks Of Ethical Hacking The Silent You Are The More You Are Able To Hear.
- 18. Phishing Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site. Attempts to deal with phishing incidents include legislation, user training, public awareness, and technical security measures.
- 28. Dictionary A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. 01 In contrast to a brute force attack, where a large proportion of the key space is searched systematically, a dictionary attack tries only those possibilities which are deemed most likely to succeed. 02 Dictionary attacks work because many computer users and businesses insist on using ordinary words as passwords. 03
- 31. Thank You !