ETHICAL HACKING

UNIT-3

System Hacking 

• System hacking refers to the unauthorized access, manipulation, or exploitation of computer systems, networks, or data.
• Involves:
• 1. Bypassing security: Overcoming security measures to gain access.
• 2. Exploiting vulnerabilities: Using weaknesses to gain control or access sensitive data.
• Goals:
• 1. Data theft: Stealing sensitive information.
• 2. System control: Gaining control over the system.
• 3. Disruption: Causing system downtime or disruption.

​

• System hacking involves:
• Key aspects:

1. Unauthorized access: Gaining access to a system without permission.

2. Exploiting vulnerabilities: Using weaknesses to gain control or access sensitive data.

• Types:

1. Network hacking: Exploiting network vulnerabilities.

2. Password cracking: Guessing or cracking passwords.

3. Malware: Using malicious software to gain access or control.

• Consequences:

1. Data breaches: Sensitive data exposure.

2. System compromise: Loss of system integrity or control.

​

Default password databases

• Default password databases are collections of known default passwords for various systems, devices, and applications.
• Used for:

1. Vulnerability assessment: Identifying potential weaknesses in systems.

 2. Penetration testing: Testing system security by attempting to login with default credentials.

• Purpose:

1. Identify vulnerabilities: Detect systems with unchanged default passwords.

2. Improve security: Encourage password changes and stronger password policies.

• Some popular default password databases include:

1. Default Password List (DPL)

 2. (link unavailable) Default Passwords Database

• Some examples of default password databases include:

1. (link unavailable) Default Passwords Database: A comprehensive database of default passwords for various devices and systems.

 2. Default Password List (DPL): A list of default passwords for routers, modems, and other network devices.

 3. Router Default Passwords: A database of default passwords for routers from various manufacturers.

• These databases are often used by:

1. Ethical hackers: To identify potential vulnerabilities in systems.

2. Security researchers: To study and analyze system security.

Manual and Automated Password Cracking

• Manual Password Cracking: Manual password cracking involves attempting to guess or crack a password without using automated tools.
•  This can include:
• 1. Guessing: Trying common passwords, variations of usernames, or easily guessable information.
• 2. Dictionary attacks: Using a list of words, phrases, or common passwords to try potential passwords.

• Automated Password Cracking:
• Automated password cracking uses software tools to attempt to crack a password. This can include:

1. Brute-force attacks: Trying all possible combinations of characters, numbers, and symbols.

2. Rainbow table attacks: Using precomputed tables of hash values to crack passwords.

3. Dictionary attacks: Using automated tools to try wordlists and dictionaries.

​

• Tools:
• 1. John the Ripper: A popular password cracking tool.

2. Hashcat: A powerful password cracking tool.

3. Aircrack-ng: A tool for cracking Wi-Fi passwords.

• Techniques:
• 1. Wordlist generation: Creating custom wordlists for dictionary attacks.
• 2. Rule-based attacks: Using rules to generate potential passwords.

​

​

​

• Manual Password Cracking Examples:

1. Guessing common passwords: Trying passwords like "password123" or "qwerty".

2. Using social engineering: Guessing passwords based on personal information.

3. Dictionary attacks: Trying words or phrases from a list.

• Automated Password Cracking Examples:

1. Brute-force attacks with John the Ripper: Trying all possible combinations.

2. Rainbow table attacks with RainbowCrack: Using precomputed tables.

3. Dictionary attacks with Hydra: Trying wordlists.

• Tools:

1. John the Ripper: For brute-force and dictionary attacks.

2. Hashcat: For GPU-accelerated password cracking.

3. Hydra: For network authentication cracking.

​

Process of System Hacking

• System hacking involves a series of steps to gain unauthorized access to a computer system, network, or application. Here's a detailed explanation:

Step 1: Reconnaissance

• - Gathering information about the target system, such as IP addresses, domain names, and potential vulnerabilities.
• - Example: Using search engines, social media, or network scanning tools like Nmap.

Step 2: Scanning

• - Identifying open ports, services, and potential vulnerabilities in the system.
• - Example: Using tools like Nmap, Nessus, or OpenVAS.

Step 3: Gaining Access

• - Exploiting identified vulnerabilities to gain unauthorized access to the system.
• - Example: Using exploit tools like Metasploit or social engineering tactics.

​

Step 4: Maintaining Access

• - Establishing a persistent presence in the system, such as creating backdoors or installing malware.
• - Example: Using tools like Meterpreter or installing a remote access trojan (RAT).

Step 5: Covering Tracks

• - Hiding evidence of the hack, such as modifying logs or deleting files.
• - Example: Using tools like log editing software or file shredders.

Additional Steps:

• - Privilege escalation: Gaining higher-level access or privileges.
• - Data exfiltration: Stealing sensitive data.

​

​

​

Using Keyloggers

• Using Keyloggers Definition: Keyloggers are malicious tools used to capture and record keystrokes, allowing hackers to steal sensitive information.
• Types:

1. Software Keyloggers: Installed on a device through malware, phishing, or other means.

2. Hardware Keyloggers: Physical devices connected between the keyboard and computer.

• How Keyloggers Work:

1. Capturing Keystrokes: Recording every keystroke, including login credentials, credit card numbers, and other sensitive data.

2. Sending Data: Transmitting captured data to the hacker, often through email or FTP.

​

​

​

• Examples:

1. Malware-based Keyloggers: Installed through phishing emails or infected software downloads.

2. Physical Keyloggers: Used in public places, such as libraries or internet cafes, to capture sensitive information.

• Consequences:

1. Identity Theft: Stolen personal data used for malicious purposes.

2. Financial Loss: Stolen credit card information or login credentials used for financial gain.

• Protection Measures:

1. Antivirus Software: Detecting and removing malware-based keyloggers.

2. Regular System Updates: Patching vulnerabilities to prevent exploitation.

3. Strong Passwords: Using unique and complex passwords to minimize damage.

​

​

​

Trojans & Backdoors

Trojans:  Malicious software: Disguised as legitimate programs, Trojans allow unauthorized access.

 2. Types: Remote Access Trojans (RATs), Keyloggers, etc.

 3. Purpose: Steal data, monitor activity, or gain control. Backdoors: 1. Hidden access: Secret entry points in software or systems, bypassing security.

2. Purpose: Allow hackers to access systems without detection.

3. Types: Intentionally created backdoors or those resulting from vulnerabilities.

• Consequences:

1. Data breaches

2. System compromise

3. Unauthorized access

Protection:

1. Antivirus software

2. Regular system updates

3. Network monitoring

4. Secure coding practices

​

Working of Trojan

• How Trojans Work:

1. Disguise: Trojans disguise themselves as legitimate software or files.

2. Installation: Users unknowingly install Trojans, often through phishing or downloads.

3. Activation: Trojans activate, allowing hackers to access the system.

4. Remote Access: Trojans provide remote access to hackers, enabling:

•     - Data theft
•     - System control
•     - Malware deployment
• Types of Trojans:

1. Remote Access Trojans (RATs): Allow hackers to control systems remotely.

2. Keyloggers: Capture keystrokes to steal sensitive information.

3. Backdoor Trojans: Create secret entry points for future access.

​

• Consequences:

1. Data breaches

2. System compromise

3. Financial loss

4. Identity theft

• Protection:

1. Antivirus software

2. Regular system updates

3. Caution with downloads and emails

4. Strong passwords

​

​

​

Infection Techniques

• Infection Techniques:
• Definition: Infection techniques are methods used by hackers to spread malware, compromising computer systems, networks, or devices.
• Examples:

1. Phishing: Sending malicious emails or messages with infected attachments or links.

2. Drive-by Downloads: Infecting systems through compromised websites or malicious ads.

3. Malware-laced Software: Bundling malware with legitimate software or pirated copies.

4. USB Attacks: Infecting systems via malicious USB devices.

5. Exploit Kits: Using vulnerabilities to deliver malware.

​

• How Infection Techniques Work:

1. Social Engineering: Manipulating users into installing malware.

2. Vulnerability Exploitation: Using unpatched vulnerabilities to infect systems.

3. Malicious Code: Executing malicious code to compromise systems.

• Consequences:

1. Data breaches

2. System compromise

3. Financial loss

4. Malware propagation

• Protection Measures:

1. Antivirus software

2. Regular system updates

3. User education

4. Network security measures

​

                                   AttacK

• Attack Definition:
• Definition: An attack in the context of cybersecurity refers to a deliberate attempt to compromise, disrupt, or gain unauthorized access to a computer system, network, or device.
• Types of Attacks:
• 1. Cyber attacks: Targeting digital systems, networks, or devices.
• 2. Network attacks: Targeting network infrastructure or communications.
• 3. System attacks: Targeting specific systems, applications, or services.
• Goals of Attacks:
• 1. Data theft
• 2. System compromise
• 3. Disruption
• 4. Financial gain
• 5. Unauthorized access

​

​

​

Lifecycle and Classification of Viruses

​

​

​

• Lifecycle of a Virus:

1. Creation: A virus is created by a programmer with malicious intent.

2. Replication: The virus replicates itself by attaching to other programs or files.

3. Execution: The virus is executed, either intentionally or unintentionally, by the user.

4. Infection: The virus infects the system, causing damage or disruption.

5. Propagation: The virus spreads to other systems, either through user interaction or automated means.

​

• Classification of Viruses:
• 1. File Infector Viruses: Attach to executable files and spread when the file is run.
• 2. Boot Sector Viruses: Infect the boot sector of a hard drive or floppy disk.
• 3. Macro Viruses: Written in macro languages and embedded in documents.
• 4. Trojan Horses: Disguise themselves as legitimate software but contain malicious code.
• 5. Worms: Self-replicating malware that spreads without user interaction.
• 6. Logic Bombs: Remain dormant until triggered by a specific event or action.
• 7. Polymorphic Viruses: Change their code each time they replicate, making them difficult to detect.

​

​

​

• Characteristics of Viruses:

1. Replication: The ability to create copies of themselves.

2. Infection: The ability to attach to other programs or files.

3. Execution: The ability to execute malicious code.

• Consequences:

1. Data loss

2. System compromise

3. Financial loss

4. Disruption

• Protection:

1. Antivirus software

2. Regular system updates

3. User education

4. Network security measures

​

Worms

• Worms in Hacking:
• Definition: A computer worm is a type of malware that replicates itself and spreads to other systems without user interaction.
• Characteristics:

1. Self-replication: Worms create copies of themselves.

2. Autonomous: Worms spread without user interaction.

3. Propagation: Worms can spread through networks, exploiting vulnerabilities.

• Types of Worms:

1. Email worms: Spread through email attachments or links.

2. Instant messaging worms: Spread through instant messaging platforms.

3. Network worms: Spread through network vulnerabilities.

​

Virus Construction Kit

• Virus Construction Kit:
• Definition: A virus construction kit is a tool used to create new viruses or malware.
• Features:

1. Customization: Allows users to customize virus behavior and characteristics.

2. Ease of use: Simplifies the process of creating malware.

3. Variety: Can create various types of malware.

• Types:

1. Virus generators: Create new viruses based on templates.

2. Malware builders: Allow users to build custom malware.

​

• Types:
• 1. Virus generators: Create new viruses.
• 2. Malware builders: Build custom malware.
• Uses:
• 1. Malicious activities: Create malware for data theft, system compromise.
• 2. Cyber attacks: Launch targeted attacks.
• Protection:
• 1. Antivirus software: Detect and block malware.
• 2. System updates: Patch vulnerabilities.
• 3. User education: Prevent infection.

​

• Virus Construction Kit Examples:
• Notable Examples:

1. VBS Worm Generator: Creates VBScript-based worms.

2. PSWTool: Generates password-stealing malware.

3. Dark Comet RAT Builder: Creates remote access Trojans (RATs).

• Characteristics:

1. User-friendly interface: Simplifies malware creation.

2. Customizable options: Allows users to tailor malware behavior.

3. Variety of malware types: Can create different types of malware.

​

• Impact:

1. Increased malware threats: More malware is created.

2. Difficulty in detection: New malware can evade detection.

• Protection:

1. Antivirus software: Use advanced threat detection.

2. Regular system updates: Keep systems and software up-to-date.

3. User education: Educate users about safe computing practices.

​