Hacking

November 6, 2016 | Author: Samuels Sam Stiffler | Category: N/A

Summer Training-2011

CSE

Acknowledgement

I am highly grateful to Er. Gurjot Singh, Assistant Prof., CSE Department, SUSCET Tangori, for providing this opportunity to carry out the one month institutional training. I would like to express my gratitude to my guide Er. Aditi Sharma, CSE Department, SUSCET, for providing academic inputs, guidance and encouragement throughout my training period. Finally, I express my indebtedness to my parents and all those who have directly or indirectly contributed to the successful completion of my training.

Ruchika Gupta
100690309909


Declaration

I hereby declare that the project entitled HACKING submitted for the B.Tech CSE degree of Punjab Technical University is my original work and the project has not formed the basis for another degree or any other similar typings.

Tangori
June 16, 2011

Ruchika Gupta
100690309909
CSE


CONTENTS

1 Introduction
  1.1 Definition
  1.2 Hackers And Crackers
2 Hacking History
  2.1 1960s - The Dawn of Hacking
  2.2 1970s - Phone Phreaks and Cap'n Crunch
  2.3 1980 - Hacker Message Boards and Groups
  2.4 1983 - Kids' Games
  2.5 1984 - Hacker 'Zines
  2.6 1986 - Use a Computer, Go to Jail
  2.7 1988 - The Morris Worm
  2.8 1989 - The Germans and the KGB
  2.9 1990 - Operation Sundevil
  2.10 1993 - Why Buy a Car When You Can Hack One?
  2.11 1994 - Hacking Tools R Us
  2.12 1995 - The Mitnick Takedown
  2.13 1997 - Hacking AOL
  2.14 1998 - The Cult of Hacking and the Israeli Connection
  2.15 1999 - Software Security Goes Mainstream
  2.16 2000 - Service Denied
  2.17 2001 - DNS Attack
3 Types Of Hacking
  3.1 Website Hacking
    3.1.1 Issues
    3.1.2 Preventions
  3.2 E-Mail Hacking
    3.2.1 If You Have Physical Access:
    3.2.2 If You Don't Have Physical Access:
    3.2.3 Prevention against Phishing:
    3.2.4 Securing your Email Account:
  3.3 Network Hacking
  3.4 Password Hacking
  3.5 Online Banking Hacking
  3.6 Computer Hacking
4 Hacking Tricks
5 Famous Hackers
6 Advantages Of Hacking
7 Ways To Prevent Hacking
8 Future Scope Of Hacking


Chapter – 1 Introduction

1.1 Definition

Hacking refers to breaking into computer systems. The person who is involved in hacking is called a hacker. Hacker is a term used by some to mean "a clever programmer" and by others, especially those in popular media, to mean "someone who tries to break into computer systems." A hacker is someone who gains unauthorized access to a computer system. A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it. Typically, this kind of hacker would be a proficient programmer or engineer with sufficient technical knowledge to understand the weak points in a security system. A hacker is:

• A person who enjoys learning details of a programming language or system.
• A person who enjoys actually doing the programming rather than just theorizing about it.
• A person capable of appreciating someone else's hacking.
• A person who picks up programming quickly.
• A person who is an expert at a particular programming language or system.

1.2 Hackers and crackers

People generally confuse hackers with crackers. The difference is that where hackers use their skills and knowledge to learn more about how systems and networks work, crackers use the same skills to author harmful software (like viruses etc.) and illegally infiltrate secure systems with the intention of doing harm to the system.


In other words, a hacker is "a person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular". A cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security. A cracker can be doing this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there. Also note that not all hackers are humans. You also get computerized hackers, but they are developed by humans of course.


Chapter – 2 Hacking’s History

From phone phreaks to Web attacks, hacking has been a part of computing for 50 years. Hacking has been around pretty much since the development of the first electronic computers. Here are some of the key events in the last five decades of hacking.

2.1 1960s - The Dawn of Hacking

The first computer hackers emerge at MIT. They borrow their name from a term to describe members of a model train group at the school who "hack" the electric trains, tracks, and switches to make them perform faster and differently. A few of the members transfer their curiosity and rigging skills to the new mainframe computing systems being studied and developed on campus.

2.2 1970s - Phone Phreaks and Cap'n Crunch

Phone hackers (phreaks) break into regional and international phone networks to make free calls. One phreak, John Draper (aka Cap'n Crunch), learns that a toy whistle given away inside Cap'n Crunch cereal generates a 2600-hertz signal, the same high-pitched tone that accesses AT&T's long-distance switching system. Draper builds a "blue box" that, when used in conjunction with the whistle and sounded into a phone receiver, allows phreaks to make free calls. Shortly thereafter, Esquire magazine publishes "Secrets of the Little Blue Box" with instructions for making a blue box, and wire fraud in the United States escalates. Among the perpetrators: college kids Steve Wozniak and Steve Jobs, future founders of Apple Computer, who launch a home industry making and selling blue boxes.


2.3 1980 - Hacker Message Boards and Groups

Phone phreaks begin to move into the realm of computer hacking, and the first electronic bulletin board systems (BBSs) spring up. The precursor to Usenet newsgroups and e-mail, the boards--with names such as Sherwood Forest and Catch-22--become the venue of choice for phreaks and hackers to gossip, trade tips, and share stolen computer passwords and credit card numbers. Hacking groups begin to form. Among the first are Legion of Doom in the United States, and Chaos Computer Club in Germany.

2.4 1983 - Kids' Games

The movie War Games introduces the public to hacking, and the legend of hackers as cyberheroes (and anti-heroes) is born. The film's main character, played by Matthew Broderick, attempts to crack into a video game manufacturer's computer to play a game, but instead breaks into the military's nuclear combat simulator computer. The computer (codenamed WOPR, a pun on the military's real system called BURGR) misinterprets the hacker's request to play Global Thermonuclear War as an enemy missile launch. The break-in throws the military into high alert, or Def Con 1 (Defense Condition 1). The same year, authorities arrest six teenagers known as the 414 gang (after the area code to which they are traced). During a nine-day spree, the gang breaks into some 60 computers, among them computers at the Los Alamos National Laboratory, which helps develop nuclear weapons.

2.5 1984 - Hacker 'Zines

The hacker magazine 2600 begins regular publication, followed a year later by the online 'zine Phrack. The editor of 2600, "Emmanuel Goldstein" (whose real name is Eric Corley), takes his handle from the main character in George Orwell's 1984. Both publications provide tips for would-be hackers and phone phreaks, as well as commentary on the hacker issues of the day. Today, copies of 2600 are sold at most large retail bookstores.

2.6 1986 - Use a Computer, Go to Jail

In the wake of an increasing number of break-ins to government and corporate computers, Congress passes the Computer Fraud and Abuse Act, which makes it a crime to break into computer systems. The law, however, does not cover juveniles.

2.7 1988 - The Morris Worm

Robert T. Morris, Jr., a graduate student at Cornell University and son of a chief scientist at a division of the National Security Agency, launches a self-replicating worm on the government's ARPAnet (precursor to the Internet) to test its effect on UNIX systems. The worm gets out of hand and spreads to some 6000 networked computers, clogging government and university systems. Morris is dismissed from Cornell, sentenced to three years' probation, and fined $10,000.

2.8 1989 - The Germans and the KGB

In the first cyberespionage case to make international headlines, hackers in West Germany (loosely affiliated with the Chaos Computer Club) are arrested for breaking into U.S. government and corporate computers and selling operating-system source code to the Soviet KGB. Three of them are turned in by two fellow hacker spies, and a fourth suspected hacker commits suicide when his possible role in the plan is publicized. Because the information stolen is not classified, the hackers are fined and sentenced to probation. In a separate incident, a hacker is arrested who calls himself The Mentor. He publishes a now-famous treatise that comes to be known as the Hacker's Manifesto. The piece, a defense of hacker antics, begins, "My crime is that of curiosity... I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all."

2.9 1990 - Operation Sundevil

After a prolonged sting investigation, Secret Service agents swoop down on hackers in 14 U.S. cities, conducting early-morning raids and arrests. The arrests involve organizers and prominent members of BBSs and are aimed at cracking down on credit-card theft and telephone and wire fraud. The result is a breakdown in the hacking community, with members informing on each other in exchange for immunity.

2.10 1993 - Why Buy a Car When You Can Hack One?

During radio station call-in contests, hacker-fugitive Kevin Poulsen and two friends rig the stations' phone systems to let only their calls through, and "win" two Porsches, vacation trips, and $20,000. Poulsen, already wanted for breaking into phone-company systems, serves five years in prison for computer and wire fraud. (Since his release in 1996, he has worked as a freelance journalist covering computer crime.) The first Def Con hacking conference takes place in Las Vegas. The conference is meant to be a one-time party to say good-bye to BBSs (now replaced by the Web), but the gathering is so popular it becomes an annual event.

2.11 1994 - Hacking Tools R Us

The Internet begins to take off as a new browser, Netscape Navigator, makes information on the Web more accessible. Hackers take to the new venue quickly, moving all their how-to information and hacking programs from the old BBSs to new hacker Web sites. As information and easy-to-use tools become available to anyone with Net access, the face of hacking begins to change.

2.12 1995 - The Mitnick Takedown

Serial cybertrespasser Kevin Mitnick is captured by federal agents and charged with stealing 20,000 credit card numbers. He's kept in prison for four years without a trial and becomes a cause célèbre in the hacking underground. After pleading guilty to seven charges at his trial in March 1999, he's eventually sentenced to little more than time he had already served while he waited for a trial.

Russian crackers siphon $10 million from Citibank and transfer the money to bank accounts around the world. Vladimir Levin, the 30-year-old ringleader, uses his work laptop after hours to transfer the funds to accounts in Finland and Israel. Levin stands trial in the United States and is sentenced to three years in prison. Authorities recover all but $400,000 of the stolen money.

2.13 1997 - Hacking AOL

AOHell is released, a freeware application that allows a burgeoning community of unskilled hackers--or script kiddies--to wreak havoc on America Online. For days, hundreds of thousands of AOL users find their mailboxes flooded with multimegabyte mail bombs and their chat rooms disrupted with spam messages.


2.14 1998 - The Cult of Hacking and the Israeli Connection

The hacking group Cult of the Dead Cow releases its Trojan horse program, Back Orifice--a powerful hacking tool--at Def Con. Once a hacker installs the Trojan horse on a machine running Windows 95 or Windows 98, the program allows unauthorized remote access of the machine. During heightened tensions in the Persian Gulf, hackers touch off a string of break-ins to unclassified Pentagon computers and steal software programs. Then-U.S. Deputy Defense Secretary John Hamre calls it "the most organized and systematic attack" on U.S. military systems to date. An investigation points to two American teens. A 19-year-old Israeli hacker who calls himself The Analyzer (aka Ehud Tenebaum) is eventually identified as their ringleader and arrested. Today Tenebaum is chief technology officer of a computer consulting firm.

2.15 1999 - Software Security Goes Mainstream

In the wake of Microsoft's Windows 98 release, 1999 becomes a banner year for security (and hacking). Hundreds of advisories and patches are released in response to newfound (and widely publicized) bugs in Windows and other commercial software products. A host of security software vendors release antihacking products for use on home computers.

2.16 2000 - Service Denied

In one of the biggest denial-of-service attacks to date, hackers launch attacks against eBay, Yahoo, Amazon, and others. Activists in Pakistan and the Middle East deface Web sites belonging to the Indian and Israeli governments to protest oppression in Kashmir and Palestine. Hackers break into Microsoft's corporate network and access source code for the latest versions of Windows and Office.

2.17 2001 - DNS Attack

Microsoft becomes the prominent victim of a new type of hack that attacks the domain name server. In these denial-of-service attacks, the DNS paths that take users to Microsoft's Web sites are corrupted. The hack is detected within a few hours, but prevents millions of users from reaching Microsoft Web pages for two days.


Chapter – 3 Types of Hacking

3.1 Website Hacking

Website hacking has been around ever since the W3 was introduced to the public in the 80s. While there may have been a time, at least in the early days, when hacking was rather simplistic and comprised little more than getting someone’s password and creating virtual “graffiti” on their site, today’s hackers are much more sophisticated. More advanced techniques were introduced, which are dangerous and unpredictable, of course.

It’s important, first of all, to understand some statistics about website hacking. Around two thirds of website hacking is done not for ideological purposes or even graffiti, but rather for profit. People hack websites today in order to gather information they intend to use for nefarious purposes and for their own financial gain. Strangely enough, then, just under half of all website hacking incidents occurred with non-commercial sites like governmental or educational sites. This may be, at least partially, because these types of organizations are more likely to report a website hacking attack, although that is not always the case.

When it comes to commercial sites, Internet-related companies tend to be top targets. This includes e-commerce sites, media sites, search engines, and even search providers. Part of the reason these companies are such a huge target is the fact that they often have databases full of all sorts of personal information that can generate billions in profits.


3.1.1 Issues

There are a few issues when it comes to hacking; here we have highlighted some of those which provoked the hackers to do so:

1. The biggest issue when it comes to website hacking is the issue of personal information. Some websites store a large amount of personal data, from name and address information to credit card information and probably purchase history on the site. A website hacker can use this kind of information to steal the identity of the customers.

2. National security is another concern when it comes to website hacking. Some statistics suggest that as many as two thirds of hacking attempts aimed at the U.S. Department of Defense each year are successful. If this statistic is true, website hacking poses a very real and present danger, not only in the U.S. but in countries around the globe. Website hacking, then, is not only an issue of financial concern for some companies and for some individuals, but of safety and security of people around the globe.

3. Another important issue in this area is the source of website hacking. While outside attacks do make up a good percentage of website hacking incidents, many incidents are also caused from within. Whether it’s a disgruntled employee, an employee who is out for her own financial gain or a person who has been unwittingly recruited by a third party, a company’s personnel are at least an equal risk as those outside the company when it comes to website hacking.

4. Complicating the issue is the public image of the hacker. The stereotypical hacker is a computer geek who sits at home and breaks into secure websites just for fun. Unfortunately, this public image rarely matches the reality. Like we said before, most website hacking incidents aren’t about curiosity; they’re a dedicated effort to make money. Website hackers generally aren’t young kids experimenting – they’re often individuals with criminal purposes. It’s easy to commit crime and just escape using the internet. In most cases, they’re not acting as a “robin hood” of sorts, either. They are out to benefit themselves, and only themselves.

Above all, it’s worth mentioning that website hacking is illegal, regardless of who does it and for what purpose. Penalties can be severe, often very severe, for people who are caught website hacking.

3.1.2 Prevention

Preventing website hacking can be a challenge, especially if your company or organization doesn’t have expendable resources that can be invested in specialized security equipment or staff. Still, there are some important things you can do to prevent website hacking, or at least minimize your risk.

1. A company must train its employees well when it comes to hacking. This occurs on two levels. Firstly, a company must let its employees know that hacking its website will be dealt with harshly. If a company is willing to press charges against a hacking employee, say so. This may prevent an employee who is thinking about website hacking from ever doing it in the first place. Obviously, this doesn’t protect against outside threats, but it may help reduce the risk of internal threats.

2. The other type of training a company needs has to do with its IT department. Yes, your IT security engineer needs to be up to speed on the latest security techniques. However, your website programmers need to have a solid base of security knowledge, as well. There are some instances in which simply configuring a website a certain way can reduce the risks of website hacking, and your team needs to know how.

3. It’s also important that you keep your website scripts up to date. Use the latest and most stable version of the web software you’re using, so that potential security holes are closed. While new holes are often discovered, staying up to date helps reduce the number of potential successful website hacking scenarios. The same holds true for the operating system running on your web server, as well as any firmware running on your network equipment or your firewall and content filter.

4. Physical security of your systems is important, as well. It’s a lot easier for someone to walk up to your web server and make hacking changes than it is for them to invent some sort of SQL injection that will make those changes. Controlling physical access to your servers and to systems that have access to your servers is key.

5. How you configure your website applications and permissions is key in preventing website hacking, as well. For example, if you use MySQL, set your usernames and passwords up in a way that you don’t allow maximum global permission to scripted users. Making sure your user groups have exactly the right permissions not only helps to grant users the tools they need, it also helps to reduce the risk of website hacking.

6. As with just about any type of computer security, it’s important to use strong passwords for administrative accounts. You should make sure those passwords are changed at regular intervals, as well. A well-developed password policy that is enforced systematically greatly reduces a number of IT security risks.

7. Keeping a strong firewall system in place is important in preventing website hacking, too. If you can use a filtering system that has access to a blacklist of potential hacking sources, you can reduce some of your website hacking risk. In addition, firewalls protect other systems that may be vulnerable to hacking or to other attacks.

None of these prevention methods are foolproof, of course. However, if you are diligent about them and able to implement them, you will greatly reduce the risk that a hacker will be able to attack your company’s website.


3.2 E-mail Hacking

Today anybody can access hacking tips through the Internet and start hacking your Yahoo or Hotmail account. All that is needed is a search on Google with keywords like “how to hack yahoo”, “hack Facebook”, “Orkut hack program” etc. Keep in mind that there is no program that will do all this for you. If any website offers such software for some number of dollars, don't go for it; there is no such software which can hack e-mail accounts. But there are some techniques by which a hacker can hack your e-mail accounts. The following article is not an effort to teach you email hacking, but has more to do with raising awareness of some common email hacking methods.

The following are the only 2 working and foolproof methods for email hacking.

3.2.1 If You Have Physical Access:

This is one of the easiest ways to hack someone's e-mail account. If you have physical access to the computer of the user that you are targeting then you can easily hack his/her account by simply installing a keylogger. A keylogger is an excellent option, and probably the easiest. There are a lot of keyloggers out there, ranging from hardware keyloggers to software keyloggers. For this task, you won't need to buy a hardware keylogger, since the only advantage to a hardware one is that you can grab passwords that are given to access a certain local user on the operating system used. There are a lot of software keyloggers out there, and you can feel free to check out www.google.com to look at your options. You can easily get one because most of them are freeware. Download Ghost Keylogger. It has a lot of options that will allow you to get the results of this program remotely (it will email you the results).


Another option you have if you have physical access is to execute a RAT (Remote Administration Tool; you may know these programs as trojans, as I mention in my computer Trojan post) server on the computer. Of course, you do not have to have physical access to go this route, but it helps. What you must understand is that these tools are known threats, and the popular ones are quickly detected by antivirus software, and thusly taken care of.

3.2.2 If You Don't Have Physical Access:

I think most of you are waiting for this part of e-mail hacking; I think this is one of the interesting sections. There still are ways you can gain access into the desired email account without having to have any sort of physical access. You can do this by one famous attack, "Phishing".

What is Phishing?

Phishing is a way of deceiving your victim by making him log in through one of your webpages which is a clone of the original one. Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by appearing as a trustworthy entity in an electronic communication. eBay, PayPal and other online banks are common targets. Phishing is typically carried out by email or instant messaging and often directs users to enter details at a website, although phone contact has also been used. Phishing is an example of social engineering techniques. Recent phishing attempts have targeted the customers of banks and online payment services. This is used for criminal activities such as stealing credit cards and so on. And that is the exact reason why I DO NOT want you to use this for fraud.

3.2.3 Prevention against Phishing:

1. Read all the email carefully and check if the sender is original. Watch the link carefully before clicking.
2. Always check the URL in the browser before signing in to your account.
3. Always log in to your accounts after opening the trusted websites, not by clicking in any other website or email.
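
The checks in items 1 and 2 can be partly automated. The following Python sketch is an added example, not part of the original report: it inspects a link before sign-in and reports why it should not be trusted. The trusted domain, the sample links (all on reserved example domains and a documentation IP range) and the function names are assumptions made for this illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumption: the domains the user really holds accounts with.
TRUSTED_DOMAINS = {"example.com"}

# Constructed sample links, as they might appear in a received email.
SAMPLE_LINKS = [
    "https://mail.example.com/login",
    "http://mail.example.com/login",
    "https://mail.example.com@203.0.113.7/login",
    "https://203.0.113.7/login",
    "https://mail.example.com.account-check.example.net/login",
    "https://examp1e.com/login",
    "https://xn--exmple-cua.com/login",
]


def check_login_url(url, trusted=TRUSTED_DOMAINS):
    """Return "ok" or a short reason why the link should not be trusted."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "unparseable"
    if not host:
        return "no-host"
    if parts.scheme != "https":
        return "not-https"
    # Text before "@" is user info, not the site: the real host comes after it.
    if "@" in parts.netloc:
        return "userinfo-before-host"
    try:
        ipaddress.ip_address(host)
        return "ip-address-host"
    except ValueError:
        pass  # not an IP literal, continue with name checks
    # Non-ASCII or punycode labels can render like a familiar name.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return "internationalised-host"
    # The trusted domain must be the END of the host name, on a label boundary.
    for domain in trusted:
        if host == domain or host.endswith("." + domain):
            return "ok"
    # A trusted name that appears earlier in the host belongs to someone else.
    for domain in trusted:
        if host.startswith(domain + ".") or ("." + domain + ".") in host:
            return "trusted-name-inside-other-domain"
    return "unknown-host"


def triage(links, trusted=TRUSTED_DOMAINS):
    """Map every link to its verdict."""
    return {link: check_login_url(link, trusted) for link in links}


if __name__ == "__main__":
    for link, verdict in triage(SAMPLE_LINKS).items():
        print(f"{verdict:34} {link}")
```

Only the first sample link is accepted; a production check would also consult a public-suffix list rather than a hand-written set of domains.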

3.2.4 Securing your Email Account:

1. Always configure a secondary email address for the recovery purpose.
2. Properly configure the security question and answer in the email account.
3. Do not open emails from strangers.
4. Do not use any other’s computer to check your email.
5. Take care of the phishing links.
6. Do not reveal your passwords to your friends or mates.

3.3 Network Hacking

In my post Access computer remotely, I have mentioned the use of a backdoor to access or hack a computer remotely. The following article explains the method used by most hackers to access someone's computer/hard disk remotely using the command prompt in your network, i.e. network computer hacking.

Step 1
Get a good IP scanner. Angry IP Scanner is a good one; you can get it here: http://www.angryziber.com/ipscan/

Step 2
Replace 255.255.255.255 with the victim's IP address.

    c:\windows>nbtstat -a 255.255.255.255

If you see this you're in:

    NetBIOS Remote Machine Name Table

Step 3
Type down:

    c:\windows>net view \\255.255.255.255

If the output is like this:

    Shared resources at \\255.255.255.255
    ComputerNameGoesHere

    Sharename    Type    Used as    Comment
    ------------------------------------------------------------
    CDISK        Disk    xxxxx      xxxxx
    The command completed successfully.

“DISK” shows that the victim is sharing a disk named CDISK.

Step 4
Type down the following. You can replace x: by any letter you want, but not the letter of your own drive. CDISK is the name of the shared hard drive.

    c:\windows>net use x: \\255.255.255.255\CDISK

If the command is successful you are a small time hacker. Now open Windows Explorer or just double click on the My Computer icon on your desktop and you will see a new network drive X:.

Note to newbies: This hack will only work if you have the IP of someone on your network. It will not work if the IP of the person you want to “hack” is not on your network.

Tip: If you can only access your target's shared folder, put a batch file in their shared folder with the command C=C; if they open it, it will share their hard drive.

Expert Advice on Keeping Your Network Safe by Blocking Dangerous Hacker Attacks

The stories go on and on about another individual having their personal information stolen from their computer by some hacker. While it is true that hackers do get people's information, and they will keep on getting that information, it is also true that having intrusion detection software can help. Even better, the same software can serve as an intrusion prevention system to keep you hacker safe.


Why You Need Intrusion Detection

Doors can be opened to hackers in varied ways. Two of the most common ways by which they can gain access to your computer are through emails, or Web pages that you visit, that have spyware or trojans (a file which looks innocent, but will later open doors to a hacker) attached to them. Other ways are robot spiders sent out over the Internet to find unprotected computers and open doors. Some say that every computer attached to the Internet may be attacked by such a spider as many as 50 times each day. So, if you do not have an up-to-date intrusion prevention system in place, then you may have regular unexpected visitors, and you may not even know it. Others say that 9 out of 10 computers have some sort of spyware or malware on them. Could you be one of them? This article will show you what is available on the market for your protection, and much of it can be obtained for free.

The spider robots work automatically, looking for and identifying computers on the Internet that have doors, or ports, open to them. This information is then reported back to the hacker, who then knows which computers to target and which port to use. For this reason, every now and then, Microsoft will come out with a new patch for Windows, in order to close some faulty door that hackers have discovered and been using.

What Is Intrusion Detection?

Network intrusion detection software is a must-have these days. Each company's software will vary somewhat (for copyright and originality purposes), but you do need one for your own network, or home computer. It differs from a firewall in that the purpose of a firewall is to stop unauthorized external contacts with your system. These offer hacker prevention largely for contacts from outside the network. Most of these will now notify the owner or network controller of intrusion attempts. Network intrusion detection systems, on the other hand, will give you warnings about events that take place within the network itself.

3.4 Password Hacking

What are some password basics?

Most accounts on a computer system usually have some method of restricting access to that account, usually in the form of a password. When accessing the system, the user has to present a valid ID to use the system, followed by a password to use the account. Most systems either do not echo the password back on the screen as it is typed, or they print an asterisk in place of the real character.

On most systems, the password is typically run through some type of algorithm to generate a hash. The hash is usually more than just a scrambled version of the original text that made up the password; it is usually a one-way hash. The one-way hash is a string of characters that cannot be reversed into its original text. You see, most systems do not “decrypt” the stored password during authentication; they store the one-way hash. During the login process, you supply an account and password. The password is run through an algorithm that generates a one-way hash. This hash is compared to the hash stored on the system. If they are the same, it is assumed the proper password was supplied.

Cryptographically speaking, some algorithms are better than others at generating a one-way hash. The main operating systems we are covering here (NT, Netware, and Unix) all use an algorithm that has been made publicly available and has been scrutinized to some degree.

To crack a password requires getting a copy of the one-way hash stored on the server, and then using the algorithm to generate your own hash until you get a match. When you get a match, whatever word you used to generate your hash will allow you to log into that system. Since this can be rather time-consuming, automation is typically used. There are freeware password crackers available for NT, Netware, and Unix.

Why protect the hashes?

If the one-way hashes are not the password itself but a mathematical derivative, why should they be protected? Well, since the algorithm is already known, a password cracker could be used to simply encrypt the possible passwords and compare the one-way hashes until you get a match. There are two types of approaches to this: dictionary and brute force.

Usually the hashes are stored in a part of the system that has extra security to limit access from potential crackers.


What is a dictionary password cracker?

A dictionary password cracker simply takes a list of dictionary words and, one at a time, encrypts them to see if they encrypt to the one-way hash from the system. If the hashes are equal, the password is considered cracked, and the word tried from the dictionary list is the password. Some of these dictionary crackers can “manipulate” each word in the wordlist by using filters. These rules/filters allow you to change “idiot” to “1d10t” and other advanced variations to get the most from a word list. The best known of these mutation filters are the rules that come with Crack (for Unix). These filtering rules are so popular they have been ported over to cracking software for NT.

If your dictionary cracker does not have manipulation rules, you can “pretreat” the wordlist. There are plenty of wordlist manipulation tools that allow all kinds of ways to filter, expand, and alter wordlists. With a little careful planning, you can turn a small collection of wordlists into a very large and thorough list for dictionary crackers without those fancy word manipulations built in.

What is a brute force password cracker?

A brute force cracker simply tries all possible passwords until it gets the password. From a cracker perspective, this is usually very time consuming. However, given enough time and CPU power, the password eventually gets cracked. Most modern brute force crackers allow a number of options to be specified, such as maximum password length or characters to brute force with.

Which method is best for cracking?

It really depends on your goal, the cracking software you have, and the operating system you are trying to crack. Let’s go through several scenarios.

If you remotely retrieved the password file through some system bug, your goal may be to simply get logged into that system. With the password file, you now have the user accounts and the hashes. A dictionary attack seems like the quickest method, as you may simply want access to the box. This is typical if you have a method of leveraging basic access to gain god status.

If you already have basic access and used this access to get the password file, maybe you have a particular account you wish to crack. While a couple of swipes with a dictionary cracker might help, brute force may be the way to go.

If your cracking software does both dictionary and brute force, and both are quite slow, you may just wish to kick off a brute force attack and then go about your day. By all means, we recommend a dictionary attack with a pretreated wordlist first, followed up by brute force only on the accounts you really want the password to.

You should pre-treat your wordlists if the machine you are going to be cracking from bottlenecks more at the CPU than at the disk controller. For example, some slower computers with extremely fast drives make good candidates for large pre-treated wordlists, but if you have the CPU cycles to spare you might want to let the cracking program’s manipulation filters do their thing. A lot of serious hackers have a large wordlist in both regular and pre-treated form to accommodate either need.

What is a salt?

To increase the overhead in cracking passwords, some algorithms employ salts to add further complexity and difficulty to the cracking of passwords. These salts are typically 2 to 8 bytes in length, and algorithmically introduced to further obfuscate the one-way hash. Of the major operating systems covered here, only NT does not use a salt. The specifics for salts for both Unix and Netware systems are covered in their individual password sections.

Historically, the way cracking has been done is to take a potential password, encrypt it and produce the hash, and then compare the result to each account in the password file. By adding a salt, you force the cracker to have to read the salt in and encrypt the potential password with each salt present in the password file. This increases the amount of time to break all of the passwords, although it is certainly no guarantee that the passwords can’t be cracked. Because of this, most modern password crackers, when dealing with salts, do give the option of checking a specific account.
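The login check and the effect of a salt described above, as an added Python example that is not part of the original report. It goes one step beyond the text by using a deliberately slow hash (PBKDF2 from the standard library); the iteration count, the 16-byte salt, the record format and the sample accounts are assumptions made for the illustration.

```python
from __future__ import annotations

import hashlib
import hmac
import os

SCHEME = "pbkdf2_sha256"
ITERATIONS = 100_000   # assumed work factor for this example; raise it as hardware allows
SALT_BYTES = 16        # assumed; longer than the 2 to 8 bytes the text mentions


def unsalted_hash(password: str) -> str:
    """The weak scheme: one fast hash, no salt. Equal passwords give equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def make_record(password: str, salt: bytes | None = None) -> str:
    """Return 'scheme$iterations$salt_hex$hash_hex' for storage."""
    salt = os.urandom(SALT_BYTES) if salt is None else salt
    derived = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{SCHEME}${ITERATIONS}${salt.hex()}${derived.hex()}"


def verify(password: str, record: str) -> bool:
    """Login check as the text describes it: re-hash the supplied password with
    the stored salt and compare. Malformed records fail closed."""
    try:
        scheme, iterations, salt_hex, hash_hex = record.split("$")
        rounds = int(iterations)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(hash_hex)
    except ValueError:
        return False
    if scheme != SCHEME or not expected or not 1 <= rounds <= 10_000_000:
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, rounds, dklen=len(expected)
    )
    # Constant-time comparison so timing does not leak how many bytes matched.
    return hmac.compare_digest(candidate, expected)


def shared_password_groups(table: dict[str, str]) -> list[list[str]]:
    """Accounts whose stored values are identical: visible to anyone who can
    read the hash file, before any guessing starts."""
    by_value: dict[str, list[str]] = {}
    for user, stored in table.items():
        by_value.setdefault(stored, []).append(user)
    return sorted(sorted(users) for users in by_value.values() if len(users) > 1)


def demo_tables() -> tuple[dict[str, str], dict[str, str]]:
    # Constructed sample accounts; alice and bob chose the same password.
    accounts = {"alice": "sunshine42", "bob": "sunshine42", "carol": "v3ry-d1fferent"}
    unsalted = {user: unsalted_hash(pw) for user, pw in accounts.items()}
    salted = {user: make_record(pw) for user, pw in accounts.items()}
    return unsalted, salted


if __name__ == "__main__":
    unsalted, salted = demo_tables()
    print("unsalted, shared:", shared_password_groups(unsalted))
    print("salted, shared:  ", shared_password_groups(salted))
    print("login ok:", verify("sunshine42", salted["alice"]))
```

With the unsalted table, one computed hash can be compared against every account at once; with per-account salts, each guess has to be recomputed for each account, which is the extra cost the paragraph above describes.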

What are the dangers of cracking passwords?

The dangers are quite simple, and quite real. If you are caught with a password file you do not have legitimate access to, you are technically in possession of stolen property in the eyes of the law. For this reason, some hackers like to run the cracking on someone else’s systems, thereby limiting their liability. I would only recommend doing this on a system you have a legitimate or well-established account on if you wish to keep a good eye on things, but perhaps have a way of running the cracking software under a different account than your own. This way, if the cracking is discovered (as it often is — cracking is fairly CPU-intensive), it looks to belong to someone else. Obviously, you would want to run this under system administrator privileges as you may have a bit more control, such as assigning lower priority to the cracking software, and hiding the results (making it less obvious to the real administrator).

Being on a system you have legit access to also allows you better access to check on the progress. Of course, if it is known you are a hacker, you’ll still be the first to be blamed whether the cracking software is yours or not!

Running the cracking software in the privacy of your own home has the advantage of allowing you to throw any and all computing power you have at your disposal at a password, but if caught (say you get raided) then there is little doubt whose cracking job is running. However, there are a couple of things you can do to protect yourself: encrypt your files. Only decrypt them when you are viewing them, and wipe and/or encrypt them back after you are done viewing them.

Hack Facebook Password


If you have been looking for how to hack into a facebook account then this site is for you. With our free hacking tool you can obtain the password to nearly any profile on facebook.com. Simply follow the download link and run the program. Enter the details of the profile you want such as name, email and ID, then the tool will attempt to extract their password from the server. This program has been developed by underground hacking communities and we have put it online for anyone to use, for free!

• Just download the tool and run it. Simple.
• Hack any facebook account password
• Absolutely Free
• Will download the original password in plaintext so you log straight in
• Used by many underground forums and communities
• Safe to download - virus scan results
• Obtains the original password so the victim will not know they have been hacked
• 90% success rate. You can not hack admin, moderator, high profile or celebrity accounts
• We will continuously update the software if facebook.com ever patch the security holes

How to hack facebook account passwords

Step One: Email

Please send an email with the subject line 'DOWNLOAD' to the following email address: [email protected] This is so we can add your email address to the allow list to activate the hack tool. This is so we can restrict who uses our software and to stop abuse.

Step Two: Download

The Facebook Hack Tool has been developed to run on any Windows platform (XP, Vista, 7 etc). If you run Mac OSx, Linux or any other platform, please contact us and we will let you know when we have those versions. This download is in .exe format so simply download and save into your documents. As with anything you download online, scan with your anti virus to be safe. Once you are happy, run the program and go to step 3.

Step Three: Run

• Once you have completed step 2 and the program is running...
• In the first textbox type their facebook ID or Username (eg. http://www.facebook.com/profile.php?id=1234567890)
• To increase the success rate you can provide the following additional info.
• [Optional] Enter their Full Name.
• [Optional] Enter their Date of Birth in the format of DD/MM/YYYY.
• [Optional] Enter their Email Address.
• To activate the program, you need to enter the Auth code - please see Step 4.
• Click 'Run Exploit'. The program will then run the exploit and attempt to extract the victim's password.
• The program is designed to run via multiple proxies to keep you completely anonymous.
• If successful, the original password will be shown in plaintext.
• Simply copy and paste the password and log into their account.

Step Four: Auth Code

If you are using the Free version of this software available on this site, you will need to obtain an Auth code to run the program. This type of software/exploit does not come cheap on the internet - feel free to look around for other free versions - they don't exist! Hiring professional hackers costs hundreds and obtaining a working exploit for facebook is very rare. We do not charge you for using our software, but we do ask that you fill in a few quick free surveys/offers as a thanks for our work. The Auth Code/Password will become available once you have fully completed a survey.


3.5 Online Banking Hacking

Internet users are leaving the door to their online accounts wide open, with an analysis of tens of millions of leaked passwords revealing the most common are basic number strings such as "123456" and obvious keywords including "password" and "abc123".

Data security provider Imperva, which analysed the passwords in a new report, says such laziness is often equivalent to having no locks on the account at all, as simple passwords are easily broken using "brute force" techniques. The report, Consumer Password Worst Practices, analysed 32 million passwords that were exposed in a Rockyou.com breach in December.

Not only did it expose commonly used passwords, but it was also similar to a 1990 Unix study, which showed a password selection that had a similar pattern to that which consumers use today. The company estimates that putting minimal effort into a password means that a hacker can access a new account every second or 1000 accounts every 17 minutes.

Brian Contos, chief security strategist at Imperva, says the scary part is that most people use the same inadequate passwords to access everything such as their Facebook account, email and online banking. "Ideally you should have various passwords for everything, but it can be difficult for people to remember them," Contos says. At a minimum, users should have two sets of passwords, particularly when it comes to accessing sensitive data such as online banking, Contos advises.

The shortness and simplicity of passwords means many users select credentials that will make them susceptible to basic forms of cyber attacks known as “brute force attacks”. For companies, password insecurity can have serious consequences. Employees using the same passwords on Facebook and also in the workplace bring the possibility of compromising the system, especially if it's as easy to crack as "123456".

"The report gives us a good sense of how people select passwords and that a lot of organisations are not using encryption to secure password information," Contos said. "It's a wake-up call. At no point in our history has so much of our information been digitised. So much of the data is sensitive and the threat is extreme."


Top 20 commonly used passwords and number of users with it

1. 123456 (290,731)
2. 12345 (79,078)
3. 123456789 (76,790)
4. Password (61,958)
5. iloveyou (51,622)
6. princess (35,231)
7. rockyou (22,588)
8. 1234567 (21,726)
9. 12345678 (20,553)
10. abc123 (17,542)
11. Nicole (17,168)
12. Daniel (16,409)
13. babygirl (16,094)
14. monkey (15,294)
15. Jessica (15,162)
16. Lovely (14,950)
17. michael (14,898)
18. Ashley (14,329)
19. 654321 (13,984)
20. Qwerty (13,856)
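An added example, not part of the original report: a password-acceptance check that rejects the top-20 passwords listed above even when they are disguised with the kind of substitutions the dictionary-cracker section describes ("idiot" to "1d10t"). The substitution table, the function names and the sample inputs are assumptions made for the illustration.

```python
import re

# The top-20 passwords from the list above, lower-cased for comparison.
TOP_20 = frozenset({
    "123456", "12345", "123456789", "password", "iloveyou", "princess",
    "rockyou", "1234567", "12345678", "abc123", "nicole", "daniel",
    "babygirl", "monkey", "jessica", "lovely", "michael", "ashley",
    "654321", "qwerty",
})

# Character substitutions to undo before comparing (assumed set for this example).
DELEET = str.maketrans({
    "0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
    "7": "t", "@": "a", "$": "s", "!": "i",
})

# Digits and punctuation added in front of or behind a base word.
_AFFIX = re.compile(r"^[\W\d_]+|[\W\d_]+$")


def candidate_forms(password):
    """Return the forms of a password that a word-mangling rule could have
    started from: lower-cased, with affixes trimmed, and with substitutions undone."""
    lowered = password.lower()
    trimmed = _AFFIX.sub("", lowered)
    forms = []
    for form in (lowered, trimmed, lowered.translate(DELEET), trimmed.translate(DELEET)):
        if form and form not in forms:
            forms.append(form)
    return forms


def blocked_match(password, extra_words=()):
    """Return the blocklist entry the password reduces to, or None if it passes.
    extra_words lets a site add its own terms (company name, product names)."""
    blocklist = TOP_20 | {word.lower() for word in extra_words}
    for form in candidate_forms(password):
        if form in blocklist:
            return form
    return None


if __name__ == "__main__":
    # Constructed sample inputs.
    for sample in ("123456", "P@ssw0rd1", "Princess2016!", "tr4verse-Kestrel-41"):
        hit = blocked_match(sample)
        print(f"{sample!r}: {'rejected, reduces to ' + hit if hit else 'accepted'}")
```

Run at password-change time, this keeps out the candidates a dictionary attack with mangling rules tries first; it does not replace length requirements or rate limiting.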

Hacking Online Banking and Credit Card Transactions. And How to Prevent It

This very popular column on wireless hacking and how to prevent it is generating a lot of interest with over 125,000 page views and counting. Paraphrased comments on digg.com have ranged from "Fantastic" and "Awesome" to "That's not really hacking" and "Where's the beef." Well... just remember that you asked for it!

The Scenario

You go to a coffee shop for a cup of coffee and to utilize the shop's Wi-Fi HotSpot to surf the web. You connect to the hotspot network and decide to perform some online banking or to purchase something online. By the way, this could happen to you at home, as well. As an end-user, you feel quite secure, as you see the lock in the bottom corner of your Internet browser, symbolizing that the online banking or online credit card transaction is safe from prying eyes. Your data, including username, password, credit card info, etc. will be encrypted with 128-bit encryption. So it's secure, right?

It is not uncommon to perform banking and to purchase products online with your credit card. It is also a common thought that doing so is secure, as this is done via SSL. For the most part, this is true and the sessions are secure. Discover Card, for example, posts. The problem is that it is not virtually impossible for someone else to see your data, such as login information or credit card numbers. It can actually be relatively easy, as you'll see, if you as an end-user are not knowledgeable about how you can be exploited.

Continuing with the scenario, what you didn't realize is that a hacker has intercepted your Online Banking login credentials and credit card information and can now log into your Online Banking Website or purchase items with your credit card. How is this possible, since SSL was used and is hard to break? The answer is that you made a fatal mistake that subjected you to an SSL Man-in-the-Middle (MITM) attack.

The fatal flaw that enabled the sensitive information to be stolen is possible when an end-user is not properly educated on an easy-to-do and well-known SSL exploit: SSL MITM.

The hacker goes to the coffee shop and connects to the same Wi-Fi network you are connected to. He runs a series of utilities to redirect other user's data through his machine. He runs a number of other utilities to sniff the data, act as an SSL Certificate

An important concept to grasp here is that a certificate is used to establish the secure SSL connection. This is a good thing, if you have a good certificate and are connecting directly to the website you intended to use. Then all your data is encrypted from your browser to the SSL website, where the bank's website will use the information from the certificate it gave you to decrypt your data/credentials. If that is truly the case, then it is pretty darn hard for a hacker to decrypt the data/credentials being transmitted.

This is a bad thing if you have a "Fake" certificate being sent from the hacker, and you are actually connecting to his machine, not directly to the bank's website. In this case, your credentials are being transmitted between your browser and the hacker's machine. The hacker is able to grab that traffic, and, because he gave you the certificate to encrypt the data/credentials, he can use that same certificate to decrypt your data/credentials.

Here are the exact steps a hacker could use to perform this attack:

The first thing he would do is turn on Fragrouter, so that his machine can perform IP forwarding.

After that, he'll want to direct your Wi-Fi network traffic to his machine instead of your data traffic going directly to the Internet. This enables him to be the Man-in-the-Middle between your machine and the Internet. Using Arpspoof, a real easy way to do this, he determines your IP address is 192.168.1.15 and the Default Gateway of the Wi-Fi network is 192.168.1.1:

The next step is to enable DNS Spoofing via DNSSpoof:

Since he will be replacing the Bank's or Online Store's valid certificate with his own fake one, he will need to turn on the utility to enable his system to be the Man-in-the-Middle for web sessions and to handle certificates. This is done via webmitm:

At this point, he is set up and ready to go. He now needs to begin actively sniffing your data passing through his machine, including your login information and credit card info. He opts to do this with Ethereal, then saves his capture.

He now has the data, but it is still encrypted with 128-bit SSL. No problem, since he has the key. What he simply needs to do now is decrypt the data using the certificate that he gave you. He does this with SSL Dump:

The data is now decrypted and he runs a Cat command to view the now decrypted SSL information. Note that the username is Bankusername and the password is BankPassword. Conveniently, this dump also shows that the Banking site is National City.

FYI, the better, more secure banking and online store websites will have you first connect to another, preceding page via SSL, prior to connecting to the page where you enter the sensitive information such as bank login credentials or credit card numbers. The reason for this is to stop the MITM-type attack. How this helps is that if you were to access this preceding page first with a "fake" certificate and then proceeded to the next page where you were to enter the sensitive information, that page where you would enter the sensitive information would not display. That is because the page gathering the sensitive information would be expecting a valid certificate, which it would not receive because of the Man-in-the-Middle. While some online banks and stores do implement this extra step/page for security reasons, the real flaw in this attack is the uneducated end-user.

With this information, he can now log into your Online Banking Account with the same access and privileges as you. He could transfer money, view account data, etc.

Below is an example of a sniffed SSL credit card purchase/transaction. You can see that Elvis Presley was attempting to make a purchase with his credit card 5440123412341234 with an expiration date of 5/06 and the billing address of Graceland in Memphis, TN (He is alive!). If this was your information, the hacker could easily make online purchases with your card.

Also Real Bad News for SSL VPN Admins

This type of attack could be particularly bad for corporations. The reason for this is that Corporate SSL VPN solutions are also vulnerable to this type of attack. Corporate SSL VPN solutions will often authenticate against Active Directory, the NT Domain, LDAP or some other centralized credentials data store. Sniffing the SSL VPN login then gives an attacker valid credentials

There's a big step an end-user can take to prevent this from taking place. When the MITM Hacker uses the bad certificate instead of the good valid certificate, the end-user is actually alerted to this. The problem is that most end-users don't understand what this means and will unknowingly agree to use the fake certificate. Below is an example of the Security Alert an end-user would receive. Most uneducated end-users would simply click:

By clicking Yes, they have set themselves up to be hacked. By clicking the View Certificate button, the end-user would easily see that there is a problem. Below are examples of the various certificate views/tabs that show a good certificate compared to

* Again, the simple act of viewing the certificate and clicking No would have prevented
* Education is the key for an end-user. If you see this message, take the time to view the certificate. As you can see from the examples above, you can tell when something doesn't look right. If you can't tell, err on the side of caution and call your Online Bank or the
* Take the time to read and understand all security messages you receive. Don't just randomly click yes out of convenience.

How a Corporation Can Prevent This

* Educate the end-user on the Security Alert and how to react to it.
* Utilize One Time Passwords, such as RSA Tokens, to prevent the reuse of sniffed credentials.
* When using SSL VPN, utilize mature products with advanced features, such as Juniper's Secure Application Manager or Network Connect functionality.

Conclusion

This type of attack is relatively easy to do in a public Wi-Fi hotspot environment. It could also easily happen on a home Wi-Fi network, if that Wi-Fi network isn't properly configured and allows a hacker to connect to that home network (See Essential Wireless Hacking Tools for more info on securing your home network). An educated end-user and sound security practices by corporations can protect your valuable data.
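In code, clicking Yes on the Security Alert corresponds to a client that skips certificate validation. The following added Python example (not from the original article) contrasts that with a client that fails closed, and adds an optional certificate fingerprint pin; the function names and the sample bytes are assumptions made for the illustration.

```python
import hashlib
import hmac
import socket
import ssl


def strict_context():
    """Validate the certificate chain against the system trust store and
    require that the certificate matches the host name being contacted."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def click_through_context():
    """The code equivalent of clicking Yes on the alert: any certificate is
    accepted, including one substituted on the network path. Shown only so
    that audit_context() below has something to flag."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # has to be disabled before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """Return the reasons a context would accept a substituted certificate."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("host name is not checked against the certificate")
    return findings


def fingerprint(der_cert):
    """SHA-256 fingerprint in the colon-separated form certificate viewers show."""
    digest = hashlib.sha256(der_cert).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def pin_matches(der_cert, pinned_fingerprint):
    """Compare a DER-encoded certificate with a fingerprint recorded in advance."""
    actual = fingerprint(der_cert).replace(":", "").lower()
    wanted = pinned_fingerprint.replace(":", "").lower()
    return hmac.compare_digest(actual.encode(), wanted.encode())


def connect_verified(host, port=443, pinned_fingerprint=None, timeout=5.0):
    """Open a TLS connection that fails closed. ssl.SSLCertVerificationError
    is raised for an untrusted or mismatched certificate; there is no
    'continue anyway' path. Returns the negotiated protocol version."""
    ctx = strict_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            if pinned_fingerprint and not pin_matches(der, pinned_fingerprint):
                raise ssl.SSLError("certificate does not match the pinned fingerprint")
            return tls.version()


# Constructed stand-in for a DER-encoded certificate, used to exercise the pin check offline.
SAMPLE_DER = b"constructed stand-in for a DER-encoded certificate"

if __name__ == "__main__":
    print("strict context findings:       ", audit_context(strict_context()))
    print("click-through context findings:", audit_context(click_through_context()))
    print("pin check on sample bytes:     ", pin_matches(SAMPLE_DER, fingerprint(SAMPLE_DER)))
```

audit_context() can be pointed at the contexts an application actually builds, to confirm that none of them reproduces the click-through behaviour.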

3.6 Computer Hacking

Computer hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose. People who engage in computer hacking activities are often called hackers. Since the word “hack” has long been used to describe someone who is incompetent at his/her profession, some hackers claim this term is offensive and fails to give appropriate recognition to their skills.

Computer hacking is most common among teenagers and young adults, although there are many older hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work and consider computer hacking an “art” form. They often enjoy programming and have expert-level skills in one particular program. For these individuals, computer hacking is a real life application of their problem-solving skills. It’s a chance to demonstrate their abilities, not an opportunity to harm others.

Since a large number of hackers are self-taught prodigies, some corporations actually employ computer hackers as part of their technical support staff. These individuals use their skills to find flaws in the company’s security system so that they can be repaired quickly. In many cases, this type of computer hacking helps prevent identity theft and other serious computer-related crimes.

Computer hacking incorporates some degree of violation of the privacy of others, invading network security, and thus causing damage to confidential files, web pages or software. It may also include downloading or alteration of files through unauthorized access. Computer hacking is the practice of altering computer hardware and software in order to cause damage to important data on a computer or to simply steal secret information. Computer hackers often aim at home and office computers that are connected to the Internet. The Internet makes PCs vulnerable to attacks from hackers from across the globe.

Effects of computer hacking

1. Computer hacking is a breach of computer security. It exposes the sensitive data of the user and risks user privacy. These activities disclose secret user information such as personal details, social security numbers, credit card numbers, bank account data, etc. This can lead to illegitimate use and modification of users’ information.

2. Modification of important data with intent to achieve personal gain is another effect of computer hacking. This can lead to the loss of all the data stored in the computer. The modification of sensitive data is one of the worst effects of hacking.

3. Another significant consequence of hacking is identity theft. This fraud involves pretending to be someone else in order to gain unauthorized access to information or property. It is the illegal use of someone else's identity for personal use.

4. With the advancement in technology, several key-logging programs have evolved which are capable of tracking and recording the user's keystrokes, leading to the theft of passwords and account details. Another ill effect of computer hacking is the denial of service (DoS) attack, which makes computer resources inaccessible to authorized users. Often, websites fall prey to denial of service attacks, which make them unavailable for long periods of time.

5. Computer hacking can also cause theft of significant business information. This can disclose email addresses to hackers, who could use them for spamming and destroying email privacy.


6. If information related to national security, confidential government data, or national defence is exposed by means of hacking, it can lead to severe consequences.

7. Hacking can be used to convert computers into zombies. Zombie computers are used by hackers for fraudulent activities.

Most of the hackers are less noble and use their skills to steal personal information. But this type of computer hacking can send them to a federal prison for up to 20 years.


Chapter – 4 Hacking tricks

I have gathered some of the best Rapidshare tricks and hacks from various sources and compiled them in one place.

Trick No 1: Request a new IP address from your ISP server.
1.) Click Start
2.) Click Run
3.) In the Run box type cmd and click OK
4.) When the command prompt opens, type the following and hit Enter after every new line:
    ipconfig /flushdns
    ipconfig /release
    ipconfig /renew
    exit

Trick No 2: Use the JavaScript method
1.) Go to the page you want to download
2.) Choose the FREE button
3.) In the address bar put the following: javascript:alert(c=0)
4.) Hit OK
5.) Hit OK on the pop-up box
6.) Enter the captcha code shown on the page
7.) Download your file


Trick No 3: Erase your cookies and cache in the browser you are using and try to download the Rapidshare file again.

Trick No 4: Use a bookmarklet to stop your wait times (only in Internet Explorer):
1.) Open IE
2.) Save “javascript:var%20c=0;” without quotes to Favorites
3.) Select Yes to the warning that the bookmark may be unsafe
4.) Name it “RapidShare No Wait”
5.) Click on the Links folder (if you want to display it in your IE toolbar)
6.) Click OK
7.) You may need to close and reopen IE to see it
8.) Go to Rapidshare and click the bookmarklet when you are forced to wait

Trick No 5: Use a proxy with SwitchProxy and Firefox:
1.) Download and install Firefox
2.) Download and install SwitchProxy
3.) When you reach your download limit, clean your cookies and change your proxy


Chapter-5 Famous Hackers

1. Kevin Mitnick

Probably the most famous hacker of his generation, Mitnick has been described by the US Department of Justice as "the most wanted computer criminal in United States history." The self-styled 'hacker poster boy' allegedly hacked into the computer systems of some of the world's top technology and telecommunications companies including Nokia, Fujitsu and Motorola. After a highly publicised pursuit by the FBI, Mitnick was arrested in 1995 and, after confessing to several charges as part of a plea-bargain agreement, he served a five year prison sentence. He was released on parole in 2000 and today runs a computer security consultancy. He didn't refer to his hacking activities as 'hacking' and instead called them 'social engineering'.

2. Kevin Poulsen

Poulsen first gained notoriety by hacking into the phone lines of Los Angeles radio station KIIS-FM, ensuring he would be the 102nd caller and thus the winner of a competition the station was running in which the prize was a Porsche. Under the hacker alias Dark Dante, he also reactivated old Yellow Page escort telephone numbers for an acquaintance who then ran a virtual escort agency. The authorities began pursuing Poulsen in earnest after he hacked into a federal investigation database. Poulsen even appeared on the US television show Unsolved Mysteries as a fugitive – although all the 1-800 phone lines for the program mysteriously crashed. Since his release from prison, Poulsen has reinvented himself as a journalist.

3. Adrian Lamo

Adrian Lamo was named 'the homeless hacker' for his penchant for using coffee shops, libraries and internet cafés as his bases for hacking. Most of his illicit activities involved breaking into computer networks and then reporting on their vulnerabilities to the companies that owned them. Lamo's biggest claim to fame came when he broke into the intranet of the New York Times and added his name to their database of experts. He also used the paper's LexisNexis account to gain access to the confidential details of high-profile subjects. Lamo currently works as a journalist.

4. Stephen Wozniak

Famous for being the co-founder of Apple, Stephen "Woz" Wozniak began his 'white-hat' hacking career with 'phone phreaking' – slang for bypassing the phone system. While studying at the University of California he made devices for his friends called 'blue boxes' that allowed them to make free long distance phone calls. Wozniak allegedly used one such device to call the Pope. He later dropped out of university after he began work on an idea for a computer. He formed Apple Computer with his friend Steve Jobs and the rest, as they say, is history.

5. Loyd Blankenship

Also known as The Mentor, Blankenship was a member of a couple of hacker elite groups in the 1980s – notably the Legion Of Doom, who battled for supremacy online against the Masters Of Deception. However, his biggest claim to fame is that he is the author of the Hacker Manifesto (The Conscience of a Hacker), which he wrote after he was arrested in 1986. The Manifesto states that a hacker's only crime is curiosity and is looked at as not only a moral guide by hackers up to today, but also a cornerstone of hacker philosophy. It was reprinted in Phrack magazine and even made its way into the 1995 film Hackers, which starred Angelina Jolie.

6. Michael Calce

Calce gained notoriety when he was just 15 years old by hacking into some of the largest commercial websites in the world. On Valentine's Day in 2000, using the hacker alias MafiaBoy, Calce launched a series of denial-of-service attacks across 75 computers in 52 networks, which affected sites such as eBay, Amazon and Yahoo. He was arrested after he was noticed boasting about his hack in online chat rooms. He received a sentence of eight months of "open custody," one year of probation, restricted use of the internet, and a small fine.

7. Robert Tappan Morris


In November of 1988 a computer virus, which was later traced to Cornell University, infected around 6,000 major Unix machines, slowing them down to the point of being unusable and causing millions of dollars in damage. Whether this virus was the first of its type is debatable. What is public record, however, is that its creator, Robert Tappan Morris, became the first person to be convicted under the Computer Fraud and Abuse Act. Morris said his 'worm' virus wasn't intended to damage anything and was instead released to gauge the size of the internet. This assertion didn't help him, however, and he was sentenced to three years probation, 4000 hours of community service and a hefty fine. A computer disk containing the source code for the Morris Worm remains on display at the Boston Museum of Science to this day.

8. The Masters Of Deception

The Masters Of Deception (MoD) were a New York-based group of elite hackers who targeted US phone systems in the mid to late 80s. A splinter group from the Legion Of Doom (LoD), they became a target for the authorities after they broke into AT&T's computer system. The group was eventually brought to heel in 1992 with many of its members receiving jail or suspended sentences.

9. David L. Smith

Smith is the author of the notorious Melissa worm virus, which was the first successful email-aware virus distributed in the Usenet discussion group alt.sex. The virus's original form was sent via email. Smith was arrested and later sentenced to jail for causing over $80 million worth of damage.

10. Sven Jaschan

Jaschan was found guilty of writing the Netsky and Sasser worms in 2004 while he was still a teenager. The viruses were found to be responsible for 70 per cent of all the malware seen spreading over the internet at the time. Jaschan received a suspended sentence and three years probation for his crimes. He was also hired by a security company.


Chapter – 6 Advantages Of Hacking

Advantages

• Global audience.
• No restriction for the location.
• Less expensive than any other media.
• Trouble-free.
• Time saving.
• Instant promotion.

One major advantage of ethical hacking is that it helps an organization better protect its systems and information. It is a way of augmenting the efforts of an organization's information technology professionals. The adoption of ethical hacking techniques must be a part of an organization's overall security efforts. However, the realities of tight budgeting mean that this additional layer of security is not always a priority for many organizations.


Chapter No.-7 Ways To Prevent Hacking

1. Implement a firewall -- A firewall is a barrier that keeps hackers and viruses out of computer networks. Firewalls intercept network traffic and allow only authorized data to pass through.

2. Develop a corporate security policy -- Establish a corporate security policy that details practices to secure the network. The policy should direct employees to choose unique passwords that are a combination of letters and numbers. Passwords should be changed every 90 days to limit hackers' ability to gain possession of a functioning password. When someone leaves the company, immediately delete the user name and password. The corporate policy should outline consequences for network tampering and unauthorized entry.

3. Install anti-virus software -- All computers should run the most recent version of an anti-virus protection subscription. Ideally a server should be configured to push virus updates out periodically to all client systems. Employees should be educated about viruses and discouraged from opening e-mail attachments or e-mail from unknown senders.

4. Keep operating systems up to date -- Upgrade operating systems frequently and regularly install the latest patches or versions of software, which are often free over the Web. If you use Microsoft Windows, check www.windowsupdate.com periodically for the latest patches.

5. Don't run unnecessary network services -- When installing systems, any nonessential features should be disabled. If a feature is installed but not actively used, it is less likely to be updated regularly, presenting a larger security threat. Also, allow only the software employees need to do their job effectively.

6. Conduct a vulnerability test -- Conducting a vulnerability test is a cost-effective way to evaluate the current security program. This test highlights flaws and limitations in the program, and experts can offer suggestions for improvement. The best method for conducting a vulnerability test is to contact a computer consulting company and provide access to your system for a day or two. This will provide ample time for network appraisal and follow-up discussion and planning.


7. Keep informed about network security -- Numerous books, magazines and online resources offer information about effective security tools and "lessons learned." Also, the Web provides ample and very current information about security - type in the key words "network security."

8. Use a non-obvious directory/URL. Obfuscating the presence of phpMyAdmin goes a long way to stopping script kiddies and automated attacks. Something along the lines of https:///mydbadm/ typically works well. Anything that’s not “admin”, “phpMyAdmin-3.3.10-all-languages”, “phpmyadmin”, or similar variations is a move in the right direction.

9. Restrict by IP (if you can) via htaccess. If you are able to restrict access to phpMyAdmin to a short list of IPs you will make your life a lot easier!

10. The authentication mechanism one chooses within phpMyAdmin should be thought out and there are lots of options (config, cookie, HTTP, and more). Cookie and HTTP are decent options but as always the exact use case influences the choice here.

11. SSL is your friend so use it! One should consider the security implications of the authentication scheme they use and the database(s) that will be accessed. Lots of people send their MySQL root login and password over the internet in plaintext without a blink. Bad, bad, bad! You can use a self-signed cert to keep costs down. If you want to be really slick, rewrite/redirect any http:// calls to https://.

12. Remember least privilege. Restrict access to the minimum. For example, if Sheldon needs read-only access to the string_theory database, don’t go and give him full access to all databases.

13. Disable, rename, or ‘chmod 0’ the setup directory. Once you’ve configured phpMyAdmin this directory is unnecessarily dangerous, so prevent it from being accessed.

14. Stay up-to-date. A quick glance at the Security page on phpMyAdmin’s website will show that there are somewhat frequent security updates. Stay informed by subscribing to their Security RSS feed and update your phpMyAdmin implementation as updates are released.
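The phpMyAdmin checks in items 8, 9, 11 and 13 can be verified mechanically on a deployed install. The Python audit below is an added example, not code from the original report or from phpMyAdmin; the function names, finding labels, sample directory names and the 203.0.113.10 address are assumptions constructed for illustration.

```python
import re
import stat
import tempfile
from pathlib import Path

# Names scanners try first; the page lists "admin" and "phpmyadmin" variants.
OBVIOUS_NAME = re.compile(r"^(admin|phpmyadmin.*)$", re.IGNORECASE)
# Constructed hardened .htaccess; 203.0.113.10 is a documentation address.
HARDENED_HTACCESS = """\
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Require ip 203.0.113.10
"""

def audit(install_dir):
    """Return finding labels for one phpMyAdmin install directory."""
    root = Path(install_dir)
    findings = []
    if OBVIOUS_NAME.match(root.name):
        findings.append("obvious-url")            # item 8
    ht = root / ".htaccess"
    raw = ht.read_text() if ht.is_file() else ""
    text = "\n".join(s.strip() for s in raw.splitlines() if s.strip()[:1] != "#")
    # Apache 2.4 "Require ip", or 2.2 "Deny from all" plus "Allow from <addr>".
    by_ip = re.search(r"^Require\s+ip\s+\S+", text, re.I | re.M) or (
        re.search(r"^Deny\s+from\s+all\b", text, re.I | re.M)
        and re.search(r"^Allow\s+from\s+\d", text, re.I | re.M))
    if not by_ip:
        findings.append("no-ip-restriction")      # item 9
    if not re.search(r"^RewriteRule\s+\S+\s+https://", text, re.I | re.M):
        findings.append("no-https-redirect")      # item 11
    setup = root / "setup"
    if setup.is_dir() and stat.S_IMODE(setup.stat().st_mode) != 0:
        findings.append("setup-dir-accessible")   # item 13
    return findings

def make_sample(parent, name, htaccess, setup_mode):
    """Build a constructed install tree for the audit to inspect."""
    root = Path(parent, name)
    (root / "setup").mkdir(parents=True)
    (root / ".htaccess").write_text(htaccess)
    (root / "setup").chmod(setup_mode)
    return root

if __name__ == "__main__":
    tmp = tempfile.mkdtemp()
    print(audit(make_sample(tmp, "phpMyAdmin-3.3.10-all-languages", "", 0o755)))
    print(audit(make_sample(tmp, "mydbadm", HARDENED_HTACCESS, 0)))
```

The audit only confirms that the directives are present in `.htaccess`; whether Apache honours them still depends on `AllowOverride` in the server configuration.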


Chapter No.-8 Conclusion And Future Scope Of Hacking

I am always tempted to predict the future when it comes to computer security. Of course it's impossible to know for sure but I think it's possible to make an educated guess. They say we are in “the golden age of hacking” and I could not agree more. Never have I seen more tools available for free on the net. Tools for both Windows and Linux and now you can actually be a decent hacker using nothing but Windows. Without question this is the best of times and the worst of times to quote Dickens. The best of times for those curious about security and how it can be breached and the worst of times if you are sitting on the net with a vulnerable computer! I was asked to do a test at a university of their network a while back. We connected a laptop into the network with a default install of XP SP1 and in less than 10 minutes it was hacked! Sign of the times I would say. It was a good demo for the "powers that be" at the school. If you are a University Admin and are having budget problems, try arranging a demo for the heads just like this if you can. In this instance it was very much an eye opener for them.

If we were to split hacking into 3 levels, say low, middle and high. Low is requiring the least amount of technical skill and relies more on social engineering and a few simple things like hardware key loggers. Middle level comprises a good skill with tools available and precompiled buffer overflows, etc. High is someone who can think way outside the box and deepest aspects of TCP/IP and can code accordingly.

My strong feeling is that the middle level as I define it will be the one that will disappear in the future. Buffer overflows will become a thing of the past. Technology is growing strongly towards that direction. Microsoft's SP2 was an attempt to stop it with their DEP. It will only get better in time. Exploiting code will slowly become more and more difficult and tools that focus on that will lose more and more of their effectiveness. So that leaves the low and high and this is where I am willing to bet the future holds.


Hackers will either focus on things like social engineering or gaining physical access. Join a cleaning crew and place a hardware key logger. Come back the next night and retrieve it and while not very sophisticated it can be very devastating nonetheless. The high end will be those that understand the very core of IP6 and will understand how to manipulate packet flows in ways no one has ever thought about.

Obviously if this scenario is correct, most hackers will focus on the low level and that perhaps is even scarier. Using a combination of hardware and social skills could prove the most difficult to defend against. A security professional I know that was trained by the government was mentioning to me that there exists hardware most people are not aware of. One device he mentioned was a piece of hardware that would strap on your leg and was hidden under your pants. You could then go to an office building and sit in the lobby reading a newspaper. As you sat there, it would sniff out traffic flowing through all the Ethernet cables running through the building. Then you would go back to the lab and download everything. Unless that building was running everything through lead pipes, they were very vulnerable. All I thought was "I want one!"

If we remember, Kevin Mitnick did most of his hacks with social skills and still teaches that. By the way, that doesn’t mean that he doesn’t have a lot of high level skills these days. I met the instructor who gave Mitnick his CEH test. Many seemed to be surprised when they discover he actually attended a CEH boot camp. He said Mitnick had sat in on his class and asked a lot of intelligent questions and said he passed the test in the high 80’s (89?) which was the highest score he had ever seen. He also mentioned Kevin is very proud of that and if anyone has done better than that on their first attempt they should email Mitnick and let him know, lol. Anyway, our job will focus more and more on educating the building personnel concerning security policies.
