Abstract image of a woman sitting on books and studying on a laptop

systemhacking-170425062200.pdf

T
ThasnimFathima

The document discusses the process of hacking into a system. It begins by outlining steps an attacker takes before hacking such as footprinting, scanning and enumeration to gather information about the target. It then describes the different stages of system hacking including setting goals, methodology, and specific steps. These steps involve password cracking, privilege escalation, executing applications, hiding files and covering tracks to avoid detection. The document provides details on techniques, tools and methods used at each step of the hacking process.

Health & Medicine
1 of 28
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
SYSTEM HACKING MR. RAJASEKAR RAMALINGAM FACULTY - DEPARTMENT OF IT COLLEGE OF APPLIED SCIENCES – SUR SULTANATE OF OMAN VRRSEKAR@YAHOO.COM
CONTENT 1. Steps before hacking a System  Footprinting  Scanning  Enumeration 2. System Hacking stage 3. Goals for System Hacking 4. System Hacking Methodology 5. System Hacking Steps 6. Password Cracking 7. Privilege escalation 8. Executing Applications 9. Hiding Files 10. Covering tracks 2 SYSTEM HACKING
1. STEPS BEFORE HACKING A SYSTEM 3 SYSTEM HACKING
1.1 FOOTPRINTING  Process of accumulating data regarding a specific network environment.  Purpose of finding ways to intrude into the network environment.  Can be used to attack a system, and also to protect it.  In the footprinting phase, the attacker creates a profile of the target organization, with the information such as its IP address range, namespace, and employee web usage.  Footprinting improves the ease with which the systems can be exploited by revealing system vulnerabilities.  Determining the objective and location of an intrusion is the primary step involved in footprinting.  Once the objective and location of an intrusion is known, specific information about the organization can be gathered. 4 SYSTEM HACKING
1.2 SCANNING  Procedure for identifying active hosts on a network, either for the purpose of network security assessment or for attacking them.  The attacker finds information about the target assessment through its IP addresses that can be accessed over the Internet.  Scanning is mainly concerned with the identification of systems on a network and the identification of services running on each computer.  Some of the scanning procedures such as port scans and ping sweeps return information about the services offered by the live hosts that are active on the Internet and their IP addresses. 5 SYSTEM HACKING
1.3 ENUMERATION  Enumeration is the method of intrusive probing into the target assessment through which attackers gather information such as network user lists, routing tables, and Simple Network Management Protocol (SNMP) data.  The attacker's objective is to identify valid user accounts or groups where he or she can remain inconspicuous once the system has been compromised.  Enumeration involves making active connections to the target system or subjecting it to direct queries. 6 SYSTEM HACKING
2. SYSTEM HACKING STAGE  Every criminal commits a crime to achieve certain goal.  Likewise, an attacker can also have certain goals behind performing attacks on a system.  The following may be some of the goals of attackers in committing attacks on a system.  The table shows the goal of an attacker at different hacking stages and the technique used to achieve that goal. 7 SYSTEM HACKING
3. GOALS FOR SYSTEM HACKING 8 SYSTEM HACKING
4. SYSTEM HACKING METHODOLOGY  Before hacking a system, an attacker uses footprinting, scanning, and enumeration techniques to detect the target area of the attack and the vulnerabilities that prove to be doorways for the attacker.  Once the attacker gains all the necessary information, he or she starts hacking.  The following diagram depicts the hacking methodology followed by ethical / Unethical hackers: 9 SYSTEM HACKING
System Hacking Methodology…. 10 SYSTEM HACKING
5. SYSTEM HACKING STEPS  System hacking cannot be accomplished at a single go.  Various steps that include  Cracking passwords  Escalating privileges  Executing applications  Hiding files  Covering tracks  Discuss these steps one by one thoroughly, to determine how the attacker hacks the system. 11 SYSTEM HACKING
System Hacking Steps… 12 SYSTEM HACKING
6. PASSWORD CRACKING 13 SYSTEM HACKING
PASSWORD CRACKING …  Process of recovering passwords from the data that has been transmitted by a computer system or stored in it.  Helps a user to recover a forgotten or lost password, as a preventive measure by the system administrators.  Can also be used to gain unauthorized access to a system.  Many hacking attempts start with password cracking attempts.  Most attackers use password cracking techniques to gain unauthorized access to the vulnerable system.  Passwords may be cracked manually or with automated tools.  Programs designed for cracking passwords are the functions of the number of possible passwords per second that can be checked.  Most of the passwords cracking techniques are successful due to weak or easily guessable passwords. 14 SYSTEM HACKING
6.1 PASSWORD CRACKING TECHNIQUES 15 SYSTEM HACKING
6.2 TYPES OF PASSWORD ATTACKS 16 SYSTEM HACKING
6.3 PASSWORD CRACKING TOOLS 17 SYSTEM HACKING
7. PRIVILEGE ESCALATION  An attacker can gain access to the network using a non-admin user account, and the next step would be to gain administrative privileges.  Attacker performs privilege escalation attack which takes advantage of design flaw, programming errors, bugs, and configuration oversights in the OS and software application to gain administrative access to the network and its associated applications.  These privileges allows attacker to view private information , delete files, or install malicious programs such as viruses, Trojans, worms, etc. 18 SYSTEM HACKING
PRIVILEGE ESCALATION… Types of Privilege escalation: 1. Vertical Privilege escalation  Requires granting higher privileges or higher level of access than administrator.  This is accomplished by doing kernel-level operations that permit to run unauthorized code. 2. Horizontal Privilege escalation  Requires using same privileges or higher level of access that already has been granted but assuming the identity of another user with similar privileges. 19 SYSTEM HACKING
7.1 PRIVILEGE ESCALATION TOOLS 20 SYSTEM HACKING
8. EXECUTING APPLICATIONS 21 • Attackers execute malicious applications in this stage. • This is called “Owning” the system. • Executing applications is done after the attacker gains the administrative privileges. • The attacker may try to execute some of his or her own malicious programs remotely on the victim's machine to gather information that leads to exploitation or loss of privacy, gain unauthorized access to system resources, crack passwords, capture screenshots, install a backdoor to maintain easy access, etc. SYSTEM HACKING
EXECUTING APPLICATIONS …. 22 SYSTEM HACKING
 The malicious programs that the attacker executes on victim's machine maybe:  Backdoors: Programming designed to deny or disrupt operation, gather information that leads to exploitation or loss of privacy, gain unauthorized access to system resources.  Crackers: Piece of software or program designed for the purpose of cracking the code or passwords.  Keyloggers: This can be hardware or a software type. In either case the objective is to record each and every key stroke made on the computer keyboard.  Spyware: Spy software may capture the screen shots and send them to a specified location defined by the hacker. The attacker has to maintain the access to the victim's computer until his or her purpose is fulfilled.  After deriving all the requisite information from the victim’s computer, the attacker installs several back doors to maintain easy access to the victim’s computer in the future. 23 SYSTEM HACKING
9. HIDING FILES  Many proactive applications are capable of preventing or detecting and deleting malicious applications.  In order to avoid malicious applications being detected by protective applications, attackers hide malicious files inside other legitimate files.  Rootkits are programs that hide their presence as well as attacker's malicious activities, granting them full access to the server or host at  that time and also in future.  Rootkits replace certain operating system calls and utilities with its own modified versions o f those routines that in turn undermine the security of the target system causing malicious functions to be executed.  A typical root kit comprises o f backdoor programs, DDOS programs, packet sniffers, log-wiping utilities, IRC bots, etc. 24 SYSTEM HACKING
HIDING FILES…. 25 SYSTEM HACKING
12.9.1 TYPES OF ROOTKIT 26 SYSTEM HACKING
12.10 COVERING TRACKS 27 • Once the attacker breaks into the target network or computer successfully, he tries to hide himself from being detected or traced out. • The attacker tries to cover all the tracks or logs that are generated during his attempts to gain access to the target network. SYSTEM HACKING
12.10.1WHY COVER TRACKS? 28 SYSTEM HACKING

More Related Content

PPTX
Ethical hacking
Rishabha Garg
 
PPTX
Ethical Hacking Redefined
Pawan Patil
 
PPT
ETHICAL HACKING
Sweta Leena Panda
 
PDF
Introduction of hacking and cracking
Harshil Barot
 
PPTX
Introduction ethical hacking
Vishal Kumar
 
ODP
Ethical hacking ppt
himanshujoshi238
 
PPTX
Ethical hacking introduction to ethical hacking
MissStevenson1
 
PPT
Introduction to ethical hacking
ankit sarode
 
Ethical hacking
Rishabha Garg
 
Ethical Hacking Redefined
Pawan Patil
 
ETHICAL HACKING
Sweta Leena Panda
 
Introduction of hacking and cracking
Harshil Barot
 
Introduction ethical hacking
Vishal Kumar
 
Ethical hacking ppt
himanshujoshi238
 
Ethical hacking introduction to ethical hacking
MissStevenson1
 
Introduction to ethical hacking
ankit sarode
 

Similar to systemhacking-170425062200.pdf (20)

PPTX
Ethical hacking introduction to ethical hacking
missstevenson01
 
DOCX
Ethical hacking
Nitheesh Adithyan
 
PPTX
Ethical hacking : Its methodologies and tools
chrizjohn896
 
PPTX
ethical hacking
samprada123
 
PPT
Hacking
blues_mfi
 
PPTX
Ethical hacking
AKSHAY KHATRI
 
PPTX
Ethical Hacking
Aditya Vikram Singhania
 
PPTX
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
PPT
All about Hacking
Madhusudhan G
 
PPTX
Ethical Hacking.pptx
MadhuKumar114889
 
PPTX
Ethical hacking
Prabhat kumar Suman
 
PDF
Ethical Hacking
Syed Irshad Ali
 
PPTX
Hacking and Anti Hacking
International Islamic University
 
PPTX
The Basics of Ethical Hacking
Vamshi TG
 
PPTX
Ethical Hacking
Nitheesh Adithyan
 
PPTX
Ethical hacking
Ritwick Mukherjee
 
PPTX
GEC-LIE Chapter-3.-Lesson-5-Hacking.pptx
AnjieVillarba1
 
PPTX
Ethical hacking/ Penetration Testing
ANURAG CHAKRABORTY
 
PPTX
Ethical Hacking
Namrata Raiyani
 
PPTX
Hacking
Asma Khan
 
Ethical hacking introduction to ethical hacking
missstevenson01
 
Ethical hacking
Nitheesh Adithyan
 
Ethical hacking : Its methodologies and tools
chrizjohn896
 
ethical hacking
samprada123
 
Hacking
blues_mfi
 
Ethical hacking
AKSHAY KHATRI
 
Ethical Hacking
Aditya Vikram Singhania
 
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
All about Hacking
Madhusudhan G
 
Ethical Hacking.pptx
MadhuKumar114889
 
Ethical hacking
Prabhat kumar Suman
 
Ethical Hacking
Syed Irshad Ali
 
Hacking and Anti Hacking
International Islamic University
 
The Basics of Ethical Hacking
Vamshi TG
 
Ethical Hacking
Nitheesh Adithyan
 
Ethical hacking
Ritwick Mukherjee
 
GEC-LIE Chapter-3.-Lesson-5-Hacking.pptx
AnjieVillarba1
 
Ethical hacking/ Penetration Testing
ANURAG CHAKRABORTY
 
Ethical Hacking
Namrata Raiyani
 
Hacking
Asma Khan
 

Recently uploaded (20)

PPTX
NRP and care of Newborn.pptx- APPT presentation about neonatal resuscitation ...
GururajaRamaiah1
 
PPTX
thio and propofol mechanism and uses.pptx
sarinpjohn3419
 
PPTX
ANESTHETIC CONSIDERATION IN ALCOHOLIC ASSOCIATED LIVER DISEASE.pptx
PoojaPandeya
 
PDF
OSCE SERIES ( Questions & Answers ) - Set 5.pdf
Jim Jacob Roy
 
PPT
Infections Member of Royal College of Physicians.ppt
Nida Us Sahr
 
PPTX
4. Abdominal Trauma 2020.jiuiwhewh2udwepptx
abdulgeny22
 
PPTX
Impression Materials in dental materials.pptx
IshitaGupta531091
 
PPTX
Approach to chest pain, SOB, palpitation and prolonged fever
ZhenChienOoi
 
PPTX
Vesico ureteric reflux.. Introduction and clinical management
Tariq Mir
 
PPTX
Hypertensive disorders in pregnancy.pptx
ssuser3854cd
 
PDF
Adverse drug reaction and classification
mauryajyoti449
 
PPTX
Assessment of fetal wellbeing for nurses.
LaxmiDeshpande6
 
PPT
nephrology MRCP - Member of Royal College of Physicians ppt
Nida Us Sahr
 
PPTX
HYPERSENSITIVITY REACTIONS - Pathophysiology Notes for Second Year Pharm D St...
Ameena Kadar K A
 
PPTX
ROJoson PEP Talk: What / Who is a General Surgeon in the Philippines?
Reynaldo Joson
 
PPTX
NUCLEAR-MEDICINE-Copy.pptxbabaabahahahaahha
DanielCastilloMontes
 
DOCX
PEADIATRICS NOTES.docx lecture notes for medical students
lenixjeff
 
PPTX
The Human Reproductive System Presentation
RalphAlday
 
PPTX
abgs and brain death dr js chinganga.pptx
docjulzchin
 
PPT
Opthalmology presentation MRCP preparation.ppt
Nida Us Sahr
 
NRP and care of Newborn.pptx- APPT presentation about neonatal resuscitation ...
GururajaRamaiah1
 
thio and propofol mechanism and uses.pptx
sarinpjohn3419
 
ANESTHETIC CONSIDERATION IN ALCOHOLIC ASSOCIATED LIVER DISEASE.pptx
PoojaPandeya
 
OSCE SERIES ( Questions & Answers ) - Set 5.pdf
Jim Jacob Roy
 
Infections Member of Royal College of Physicians.ppt
Nida Us Sahr
 
4. Abdominal Trauma 2020.jiuiwhewh2udwepptx
abdulgeny22
 
Impression Materials in dental materials.pptx
IshitaGupta531091
 
Approach to chest pain, SOB, palpitation and prolonged fever
ZhenChienOoi
 
Vesico ureteric reflux.. Introduction and clinical management
Tariq Mir
 
Hypertensive disorders in pregnancy.pptx
ssuser3854cd
 
Adverse drug reaction and classification
mauryajyoti449
 
Assessment of fetal wellbeing for nurses.
LaxmiDeshpande6
 
nephrology MRCP - Member of Royal College of Physicians ppt
Nida Us Sahr
 
HYPERSENSITIVITY REACTIONS - Pathophysiology Notes for Second Year Pharm D St...
Ameena Kadar K A
 
ROJoson PEP Talk: What / Who is a General Surgeon in the Philippines?
Reynaldo Joson
 
NUCLEAR-MEDICINE-Copy.pptxbabaabahahahaahha
DanielCastilloMontes
 
PEADIATRICS NOTES.docx lecture notes for medical students
lenixjeff
 
The Human Reproductive System Presentation
RalphAlday
 
abgs and brain death dr js chinganga.pptx
docjulzchin
 
Opthalmology presentation MRCP preparation.ppt
Nida Us Sahr
 

systemhacking-170425062200.pdf

  • 1. SYSTEM HACKING MR. RAJASEKAR RAMALINGAM FACULTY - DEPARTMENT OF IT COLLEGE OF APPLIED SCIENCES – SUR SULTANATE OF OMAN VRRSEKAR@YAHOO.COM
  • 2. CONTENT 1. Steps before hacking a System  Footprinting  Scanning  Enumeration 2. System Hacking stage 3. Goals for System Hacking 4. System Hacking Methodology 5. System Hacking Steps 6. Password Cracking 7. Privilege escalation 8. Executing Applications 9. Hiding Files 10. Covering tracks 2 SYSTEM HACKING
  • 3. 1. STEPS BEFORE HACKING A SYSTEM 3 SYSTEM HACKING
  • 4. 1.1 FOOTPRINTING  Process of accumulating data regarding a specific network environment.  Purpose of finding ways to intrude into the network environment.  Can be used to attack a system, and also to protect it.  In the footprinting phase, the attacker creates a profile of the target organization, with the information such as its IP address range, namespace, and employee web usage.  Footprinting improves the ease with which the systems can be exploited by revealing system vulnerabilities.  Determining the objective and location of an intrusion is the primary step involved in footprinting.  Once the objective and location of an intrusion is known, specific information about the organization can be gathered. 4 SYSTEM HACKING
  • 5. 1.2 SCANNING  Procedure for identifying active hosts on a network, either for the purpose of network security assessment or for attacking them.  The attacker finds information about the target assessment through its IP addresses that can be accessed over the Internet.  Scanning is mainly concerned with the identification of systems on a network and the identification of services running on each computer.  Some of the scanning procedures such as port scans and ping sweeps return information about the services offered by the live hosts that are active on the Internet and their IP addresses. 5 SYSTEM HACKING
  • 6. 1.3 ENUMERATION  Enumeration is the method of intrusive probing into the target assessment through which attackers gather information such as network user lists, routing tables, and Simple Network Management Protocol (SNMP) data.  The attacker's objective is to identify valid user accounts or groups where he or she can remain inconspicuous once the system has been compromised.  Enumeration involves making active connections to the target system or subjecting it to direct queries. 6 SYSTEM HACKING
  • 7. 2. SYSTEM HACKING STAGE  Every criminal commits a crime to achieve certain goal.  Likewise, an attacker can also have certain goals behind performing attacks on a system.  The following may be some of the goals of attackers in committing attacks on a system.  The table shows the goal of an attacker at different hacking stages and the technique used to achieve that goal. 7 SYSTEM HACKING
  • 8. 3. GOALS FOR SYSTEM HACKING 8 SYSTEM HACKING
  • 9. 4. SYSTEM HACKING METHODOLOGY  Before hacking a system, an attacker uses footprinting, scanning, and enumeration techniques to detect the target area of the attack and the vulnerabilities that prove to be doorways for the attacker.  Once the attacker gains all the necessary information, he or she starts hacking.  The following diagram depicts the hacking methodology followed by ethical / Unethical hackers: 9 SYSTEM HACKING
  • 11. 5. SYSTEM HACKING STEPS  System hacking cannot be accomplished at a single go.  Various steps that include  Cracking passwords  Escalating privileges  Executing applications  Hiding files  Covering tracks  Discuss these steps one by one thoroughly, to determine how the attacker hacks the system. 11 SYSTEM HACKING
  • 14. PASSWORD CRACKING …  Process of recovering passwords from the data that has been transmitted by a computer system or stored in it.  Helps a user to recover a forgotten or lost password, as a preventive measure by the system administrators.  Can also be used to gain unauthorized access to a system.  Many hacking attempts start with password cracking attempts.  Most attackers use password cracking techniques to gain unauthorized access to the vulnerable system.  Passwords may be cracked manually or with automated tools.  Programs designed for cracking passwords are the functions of the number of possible passwords per second that can be checked.  Most of the passwords cracking techniques are successful due to weak or easily guessable passwords. 14 SYSTEM HACKING
  • 15. 6.1 PASSWORD CRACKING TECHNIQUES 15 SYSTEM HACKING
  • 16. 6.2 TYPES OF PASSWORD ATTACKS 16 SYSTEM HACKING
  • 17. 6.3 PASSWORD CRACKING TOOLS 17 SYSTEM HACKING
  • 18. 7. PRIVILEGE ESCALATION  An attacker can gain access to the network using a non-admin user account, and the next step would be to gain administrative privileges.  Attacker performs privilege escalation attack which takes advantage of design flaw, programming errors, bugs, and configuration oversights in the OS and software application to gain administrative access to the network and its associated applications.  These privileges allows attacker to view private information , delete files, or install malicious programs such as viruses, Trojans, worms, etc. 18 SYSTEM HACKING
  • 19. PRIVILEGE ESCALATION… Types of Privilege escalation: 1. Vertical Privilege escalation  Requires granting higher privileges or higher level of access than administrator.  This is accomplished by doing kernel-level operations that permit to run unauthorized code. 2. Horizontal Privilege escalation  Requires using same privileges or higher level of access that already has been granted but assuming the identity of another user with similar privileges. 19 SYSTEM HACKING
  • 20. 7.1 PRIVILEGE ESCALATION TOOLS 20 SYSTEM HACKING
  • 21. 8. EXECUTING APPLICATIONS 21 • Attackers execute malicious applications in this stage. • This is called “Owning” the system. • Executing applications is done after the attacker gains the administrative privileges. • The attacker may try to execute some of his or her own malicious programs remotely on the victim's machine to gather information that leads to exploitation or loss of privacy, gain unauthorized access to system resources, crack passwords, capture screenshots, install a backdoor to maintain easy access, etc. SYSTEM HACKING
  • 23.  The malicious programs that the attacker executes on victim's machine maybe:  Backdoors: Programming designed to deny or disrupt operation, gather information that leads to exploitation or loss of privacy, gain unauthorized access to system resources.  Crackers: Piece of software or program designed for the purpose of cracking the code or passwords.  Keyloggers: This can be hardware or a software type. In either case the objective is to record each and every key stroke made on the computer keyboard.  Spyware: Spy software may capture the screen shots and send them to a specified location defined by the hacker. The attacker has to maintain the access to the victim's computer until his or her purpose is fulfilled.  After deriving all the requisite information from the victim’s computer, the attacker installs several back doors to maintain easy access to the victim’s computer in the future. 23 SYSTEM HACKING
  • 24. 9. HIDING FILES  Many proactive applications are capable of preventing or detecting and deleting malicious applications.  In order to avoid malicious applications being detected by protective applications, attackers hide malicious files inside other legitimate files.  Rootkits are programs that hide their presence as well as attacker's malicious activities, granting them full access to the server or host at  that time and also in future.  Rootkits replace certain operating system calls and utilities with its own modified versions o f those routines that in turn undermine the security of the target system causing malicious functions to be executed.  A typical root kit comprises o f backdoor programs, DDOS programs, packet sniffers, log-wiping utilities, IRC bots, etc. 24 SYSTEM HACKING
  • 26. 12.9.1 TYPES OF ROOTKIT 26 SYSTEM HACKING
  • 27. 12.10 COVERING TRACKS 27 • Once the attacker breaks into the target network or computer successfully, he tries to hide himself from being detected or traced out. • The attacker tries to cover all the tracks or logs that are generated during his attempts to gain access to the target network. SYSTEM HACKING