Kyrion Technologies

March 16, 2018 | Author: Shabir Ali | Category: Wireless Lan, Proxy Server, Email, Security Hacker, Password





Description

Training Material for Workshop on Ethical Hacking & Information Security

Kyrion Technologies Pvt. Ltd.
Corporate Office: B-92, G.T Karnal Road, Industrial Area, Delhi-110033 (India)
E-mail: [email protected]
Website: www.kyrion.in
Tel.: +91-11-4708-5343

Ethical Hacking & Information Security is the need of the hour. To equip the technical support of our nation, Kyrion Technologies Pvt. Ltd. is all geared up to provide the best of knowledge and services.

Table of Contents

1. About Us
2. EHIS Course Module
3. Concept of Hacking
4. Email Hacking
5. System Hacking
6. Trojans
7. Attacks on Network
8. Web Server as a Target
9. Wireless Hacking
10. Tool Kit Description

Training Programs Available with Kyrion

• EHIS Free Seminar – 4 hours (For Schools & Colleges)
• EHIS Workshop – 12 hours (For Schools & Colleges)
• EHIS Lab Workshop – 18 hours (For Schools & Colleges)
• EHIS Short Term Certification – 25 hours (For Institutes)
• EHIS Long Term Certification – 120 hours
• Kyrion Digital Security Expert – 54 hours (Summer Training)
• Kyrion Cyber Security Expert – 250 hours
• Network Security – 75 hours
• Security Tool Development – 75 hours

Join us at:
Yahoo Group: [email protected]
Orkut Community: Kyiron Digital Securities

About Us

Kyrion Technologies Pvt. Ltd., with its headquarters at Delhi, aims to lay a strong underpinning for the technical development of our country, by developing an active interest among youth in new technologies such as Robotics, Automation, Embedded System, Ethical Hacking & Information Security. With the ever increasing requirements of professionals in the field of Ethical Hacking & Information Security, Kyrion Technologies Pvt. Ltd. is all geared up to lay the foundation of a new venture, Kyrion Hacking Club.

Key Points of Kyrion Hacking Club:

• Helping the government in conducting Education & Awareness Programs on Ethical Hacking & Information Security.
• We are carrying rich experience of working on cyber cases and giving workshops to Delhi & Uttar Pradesh Police.
• Our head trainer is supported by the Ministry of Home Affairs (Forensic Lab, Hyderabad).
• We have developed our own software, spywares, bombers, remote administration tools (Trojans) etc.
• We will be providing the students knowledge in the field of Ethical Hacking & Information Security by showing them live hacking and gateway so that one can secure themselves from such kind of attacks.

Kyrion Hacking Club at Kyrion Technologies Pvt. Ltd. has been founded by a group of IT Security Experts. It has laid a foundation in the field of Ethical Hacking & Information Security. Kyrion Hacking Club has conceptualized various workshops, products and resources to cater to the needs of different sections of students' communities, eventually reaching out to in excess of 5,000 students and tutors in different cities across the country.

Client List of Kyrion Hacking Club:

• Indian Institute of Science, Bangalore
• IIT Kharagpur
• IIT Roorkee
• IIT Guwahati
• NIT Jalandhar
• North Eastern Institute of Science & Technology
• Assam Engineering College
• Uttaranchal Institute of Technology
• Security Day at IIT Delhi in Association with Ministry of Communication & Information Technology (June or July)

EHIS Course Module
Concept of Hacking

• Reading the Hacker's mind and understanding the hacking psychology and methodology
  o Get to know how a Hacker thinks and prepares for his attack
  o Types of Hackers and their mentality
  o Steps performed by a Hacker to attack the target
  o How an attacker uses the freely available resources in his attack
  o Hiding your identity while performing the attack
  o Proxy Server

Email Hacking

• Email Forger
  o How an Email travels from sender to the receiver
  o Sending fake Emails, how terrorists send threatening Emails
• Email Password Hacking
  o Cracking the Email ID Passwords using the fake Websites
• Email analysis
  o Tracing the Email path and locating the Original Sender of the Email
  o IP Tracing

System Hacking

• Targeting a Windows System
  o Cracking Windows password using the Bruteforce technique
  o How to bypass the Login Screen and directly Login as the Administrator of the Computer
  o Grant unlimited access to a limited user
  o How to use a keylogger to hack the passwords on a computer
  o Hiding secret messages behind images
• Protecting your System resources
  o Configuring strong passwords
  o Change the Boot sequence
  o Applying the File and Folder security
  o Hiding files, Encrypting data on the hard disk with a password
  o Detecting the Keylogger on a Local Computer

Trojans

• How does a Trojan work
• Building a Trojan server and binding it with any other file as hidden
• Controlling the remote computer from your computer
• Detection of Trojan on a Local computer and removing it manually

Attacks on Network

• Performing the LAN based attacks
  o Enumerating the Network details
  o Sniffing the Network Data
  o Poisoning the Network details and hacking the passwords
  o Perform the DNS Spoofing attack
• Countering the Network attacks
  o Trace the attacker on the Local Area Network and shutting down the network attacks

Web Server as a Target

• Web Application Attacks: Live Demonstrations
  o Working of Web Server
  o Apache vs IIS
  o Working of database server
  o CRUD operation
  o Login operation
  o Input Validation attacks
  o Placing backdoors in Website
  o Google Hacking
  o Website Enumeration
• Putting brakes on Web Application attacks
  o Proper Input validation
  o Directory access controls
  o Deny Google to your website

Wireless Hacking

• Cracking Wireless Network Password
  o Checking out the Wireless network details and cracking the WEP key encryption on the Wireless network
• Wireless Security
  o How can you make your Wireless network secure and very hard to be cracked?

Concept of Hacking

Hacking

• Hacker is a computer person who is very curious and wants to learn as much as possible about computer systems.
• Hacking was developing and improving software to increase the performance of computing systems.
• Hacking has a lot of meanings depending upon the person's knowledge and his work intentions. Hacking is an Art as well as a Skill. It is the knowledge by which one gets to achieve his goals, anyhow, using his skills and power.

Ethical Hacking

• Ethical Hacking is testing the resources for a good cause and for the betterment of technology.
• Technically Ethical Hacking means penetration testing which is focused on Securing and Protecting IT Systems.

Types of Hackers

• White Hat Hacker
• Black Hat Hacker
• Grey Hat Hacker

White Hat Hacker

• A White Hat Hacker is a computer guy who performs Ethical Hacking. These are usually security professionals with knowledge of hacking and the hacker toolset and who use this knowledge to locate security weaknesses and implement countermeasures in the resources.
• They are also known as an Ethical Hacker or a Penetration Tester. They focus on Securing and Protecting IT Systems.

Black Hat Hacker

• A Black Hat Hacker is a computer guy who performs Unethical Hacking. These are the Criminal hackers or Crackers who use their skills and knowledge for illegal or malicious purposes. They break into or otherwise violate the system integrity of remote machines, with malicious intent.
• These are also known as an Unethical Hacker or a Security Cracker. They focus on Security Cracking and Data stealing.

Grey Hat Hacker

• A Grey Hat Hacker is a computer guy who sometimes acts legally, sometimes in good will, and sometimes not. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.
• They are a hybrid between White Hat and Black Hat Hackers.

Classification of Hackers

• Coders
• Admin
• Script Kiddies

Coders

• Coders are the programmers who have the ability to find the unique vulnerability in existing software and to create working exploit codes.
• These are the individuals with a deep understanding of the OSI Layer Model and TCP/IP Stacks.

Admin

• Admins are the computer guys who have experience with several operating systems, and know how to exploit several existing vulnerabilities.
• A majority of Security Consultants fall in this group and work as a part of Security Team.

Script Kiddies

• Script Kiddies are the bunnies who use scripts and programs developed by others to attack computer systems and Networks.
• They get the least respect but are most annoying and dangerous and can cause big problems without actually knowing what they are doing.

Steps Performed by a Hacker

1. Performing Reconnaissance
2. Scanning and enumeration
3. Gaining access
4. Maintaining access and Placing backdoors
5. Covering tracks or Clearing Logs

Phase I: Reconnaissance

• Reconnaissance can be described as the pre-attack phase and is a systematic attempt to locate, gather, identify, and record information about the target. The hacker seeks to find out as much information as possible about the target.

Phase II: Scanning and Enumeration

• Scanning and enumeration is considered the second pre-attack phase. This phase involves taking the information discovered during reconnaissance and using it to examine the network.
• Scanning involves steps such as intelligent system port scanning which is used to determine open ports and vulnerable services. In this stage the attacker can use different automated tools to discover system vulnerabilities.

Phase III: Gaining Access

• This is the phase where the real hacking takes place. Vulnerabilities discovered during the reconnaissance and scanning phase are now exploited to gain access. The method of connection the hacker uses for an exploit can be a local area network, local access to a PC, the Internet, or offline. Gaining access is known in the hacker world as owning the system.
• During a real security breach it would be this stage where the hacker can utilize simple techniques to cause irreparable damage to the target system.

Phase IV: Maintaining Access and Placing Backdoors

• Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans.
• The attacker can use automated scripts and automated tools for hiding attack evidence and also to create backdoors for further attack.

Phase V: Clearing Tracks

• In this phase, once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action.
• At present, many successful security breaches are made but never detected. This includes cases where firewalls and vigilant log checking were in place.

Proxy Servers

• A proxy server is a server that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service.
• Hackers generally use the Proxy server on the Internet to make their Identity invisible to the target.

Web Proxies

• A Proxy site is a web page which allows you to browse your favorite web sites -- even though your access to those web sites might be blocked by a content filter.
• If you find that you are blocked from your favorite websites, use one of these web proxy sites to get around the block.

Given below is a list of Web Proxies:

How Proxy Sites Work

Proxy sites enable you to bypass your own Internet provider and browse through the proxy web site. All that you have to do is type the web site address you would like to visit in the form they provide, and start browsing. Once you keep browsing using that form, you are protected and your real IP address is not being logged.

Anonymous Proxies

• An anonymous proxy is a piece of software designed to protect the privacy and anonymity of web browsers from web site operators, Internet snoops, and even unfriendly governments.
• The anonymous proxy software resides on a proxy server. The web browser connects to the proxy server and the proxy server connects to the web server. The web server does not know who you are, it only knows who the proxy server is. The proxy server does know who you are -- so you had better choose a proxy server that you trust.
• In addition to hiding your IP address, an anonymous proxy server will typically remove traffic such as:
  o Cookies
  o Pop-ups
  o Banners
  o Scripts
  o Referrer information

Some of the Anonymous Proxy Servers are:

• Ultrasurf
• Freegate

Email Hacking

Electronic mail, often abbreviated as e-mail or email, is any method of creating, transmitting, or storing primarily text-based human communications with digital communications systems.

[Figure: Email travelling path]

Fake Email

Fake Email means an Email which has come from an Email ID which was not sent by the Original Email ID Owner. There are so many ways to send the Fake Emails even without knowing the password of the Email ID. The Internet is so vulnerable that you can use anybody's Email ID to send a threatening Email to any official personnel.

Different methods to send Fake Emails

• Open Relay Server
• Web Scripts
Sending Fake Email using the Open Relay Server

• An open mail relay is an SMTP (Simple Mail Transfer Protocol) server configured in such a way that it allows anyone on the Internet to send Email through it, not just mail destined to or originating from known users.
• An attacker can connect to the Open Relay Server via Telnet and instruct the server to send the Email.
• It requires no password to send the Email.

Sending Fake Email via Web Scripts

• Web languages such as PHP and ASP contain the mail sending functions which can be used to send Emails by programming Fake headers, i.e. From:, To:, Subject:
• There are so many websites available on the Internet which already contain these mail sending scripts. Most of them provide the free service. Some of them are:
  o Fakemailer.info
  o Deadfake.net
  o Fakemailer.com
  o Will Go On and On……

Email Password Hacking

• There is no specified attack available just to hack the password of Email accounts. Also, it is not so easy to compromise the Email server like Yahoo, Gmail, etc.
• Email Password hacking can be accomplished via some of the client side attacks. We try to compromise the user and get the password of the Email account before it reaches the desired Email server.
• We will cover many attacks as the workshop flows, but at this time we will talk about the very famous 'Phishing attack'.

Phishing

• The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
• The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.

Email Tracing

• Tracing an Email means locating the Original Sender and getting to know the IP address of the network from which the Email was actually generated.
• To get the information about the sender of the Email we first must know the structure of the Email. As we all know the travelling of the Email. Each message has exactly one header, which is structured into fields. Each field has a name and a value. Header of the Email contains all the valuable information about the path and the original sender of the Email.
• You can easily get the IP Address of the sender from the header and then can locate the sender. Locating the Original Sender is not always possible but we have tried our best to get it.

Header Fields

• From: Email Address where the Email has come from.
• To: Email Address of the destination.
• Subject: Subject of the Email
• Date: The Local Time of the server when the message was sent.
• Bcc: Blind Carbon Copy
• Cc: Carbon copy
• Content-Type: Information about how the message has to be displayed, usually a MIME type
• In-Reply-To: Message-ID of the message that this is a reply to.
• Received: Tracking information generated by mail servers that have previously handled a message
• References: Message-ID of the message that this is a reply to, and the message-id of this message, etc.
• Reply-To: Address that should be used to reply to the sender.

System Hacking

Cracking the Windows User account Password

• Passwords are generally stored and transmitted in an encrypted form called a hash. When a user logs on to a system and enters a password, a hash is generated and compared to a stored hash. If the entered and the stored hashes match, the user is authenticated (This is called the Challenge/Response).
• Passwords may be cracked manually or with automated tools such as a Brute-force method or the Rainbow table attack.

Brute Force Attack

• Brute force password guessing is just what it sounds like: trying a random approach by attempting different passwords and hoping that one works. Some logic can be applied by trying passwords related to the person's name, job title, hobbies, or other similar items.
• Brute force randomly generates passwords and their associated hashes.
• There are tools available to perform the Brute force attack on the Windows SAM File.

Rainbow Table Attack

• Rainbow Table Attack trades off the time-consuming process of creating all possible password hashes by building a table of hashes in advance of the actual crack. After this process is finished, the table, called a rainbow table, is used to crack the password, which will then normally only take a few seconds.
• We can use the Live CD to crack the Windows password using the Rainbow table attack technique.

Privilege Escalation

• Once you have cracked the Administrator password on a Windows computer, you can easily login with the administrator user account and promote any user account to give him the Administrator privileges.
• One more thing which an attacker can do is to boot the computer from the Live CD and change the SAM file to promote any Limited User account to Administrator.

Key loggers

• Keystroke loggers (or key loggers) intercept the target's keystrokes and either save them in a file to be read later, or transmit them to a predetermined destination accessible to the hacker. Since keylogging programs record every keystroke typed in via the keyboard, they can capture a wide variety of confidential information, including passwords, credit card numbers, private email correspondence, names, addresses, and phone numbers.
• Once installed on the target machine, either directly by the user, or through stealthier means, the keylogger program runs continually in the background. After the keystrokes are logged, they can be hidden in the machine for later retrieval or transmitted to the attacker via the Internet.

Steganography

• Steganography is the technique to place text content behind the images.
• This is generally performed by the terrorists to hide the secret messages behind the images and conveying the message via sending the Image via Internet.
• Windows Internal Commands as well as Steganography tools can be used to perform this technique.

Now you definitely don't want your system to be vulnerable. So here are the countermeasures.

Configuring a Strong Login Password

• A strong password is less susceptible to attack by a hacker. The following rules should be applied when you're creating a password, to protect it against attacks:
• Must not contain any part of the user's account name
• Must have a minimum of eight characters
• Must contain characters from at least three of the following categories:
  o Non alphanumeric symbols ($,:"%@!#)
  o Numbers
  o Uppercase letters
  o Lowercase letters

Change the Boot Sequence

• You should change the boot sequence in the BIOS so that your computer is not configured to boot from the CD first. It should be configured as Hard Disk as the First Boot Device.
• This will protect your computer from the attacking Live CDs.

Applying the permissions on the Files and Folders

• You can set permissions on the Files and Folders in Windows so that no one else can open or access them.
• Windows carries the Access Control List command to apply the Access security on the Files and Folders.

Proper Monitoring

• Process Viewer (PrcView) (www.teamcti.com/pview/prcview.htm) is a free GUI-based process viewer utility that displays detailed information about processes running under Windows. For each process it displays memory, threads, and module usage. For each DLL, it shows full path and version information.
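The three rules listed under "Configuring a Strong Login Password" can be checked mechanically. The following is an added example, not part of the original training material; it assumes that "any part of the account name" means any run of three or more consecutive characters from it, compared without regard to case, and all function names and sample values are constructed for illustration.

```python
MIN_LENGTH = 8          # "minimum of eight characters"
MIN_CATEGORIES = 3      # "at least three of the following categories"
# Assumption (not stated in the material): a "part" of the account name is
# any run of 3 or more consecutive characters, compared case-insensitively.
MIN_NAME_FRAGMENT = 3


def name_fragments(account_name, size=MIN_NAME_FRAGMENT):
    """Return every lowercase substring of `size` characters from the name.

    Names shorter than `size` yield no fragments, so they never trigger
    the account-name rule.
    """
    name = account_name.lower()
    return {name[i:i + size] for i in range(len(name) - size + 1)}


def character_categories(password):
    """Return which of the four listed categories occur in the password."""
    found = set()
    for ch in password:
        if ch.isupper():
            found.add("uppercase")
        elif ch.islower():
            found.add("lowercase")
        elif ch.isdigit():
            found.add("number")
        elif not ch.isalnum() and not ch.isspace():
            found.add("symbol")
    return found


def check_password(password, account_name):
    """Return the list of violated rules; an empty list means it passes."""
    problems = []
    lowered = password.lower()
    if any(fragment in lowered for fragment in name_fragments(account_name)):
        problems.append("contains part of the account name")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if len(character_categories(password)) < MIN_CATEGORIES:
        problems.append("fewer than 3 character categories")
    return problems


if __name__ == "__main__":
    # Constructed sample accounts and candidate passwords.
    samples = [
        ("jsmith", "Summer2024!"),
        ("jsmith", "Smith#99x"),
        ("jsmith", "abc"),
        ("bob", "alllowercase"),
    ]
    for account, candidate in samples:
        result = check_password(candidate, account)
        print(account, candidate, "OK" if not result else "; ".join(result))
```
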
Trojan

Definition

• Trojans are malicious pieces of code used to install hacking software on a target system and aid the hacker in gaining and retaining access to that system. Trojans and their counterparts are important pieces of the hacker's toolkit.
• A Trojan is a program that appears to perform a desirable and necessary function but that, because of hidden and unauthorized code, performs functions unknown and unwanted by the user.
• A Trojan generally consists of two parts: a client component and a server component. For the Trojan to function as a backdoor, the server component has to be installed on the victim's machine.
• Server is the part of the Trojan on the Victim's Computer. It opens a port in the Victim's computer and invites the attacker to connect and administrate the computer.
• Client Trojan is the part of the Trojan on the Attacker's computer. It tries to connect to the Victim computer and administrate the computer without the permission of the User.

Wrapper

• A wrapper is a program used to combine two or more executables into a single packaged program. The wrapper attaches a harmless executable, like a game, to a Trojan's payload, the executable code that does the real damage, so that it appears to be a harmless file.
• Hackers use it to bind the Server part of the Software behind any image or any other file.

Some Famous Trojans

• Back Orifice
• NetBus
• Zlob
• Pest Trap
• ProRat
• Sub7
• Vundo

Modes of Transmission

• CD or DVD Autorun
• Pen Drive
• Email
• Website
• Shared Drives

Trojan Countermeasures

• Awareness and preventive measures are the best defense against Trojans.
• Educate users not to install applications downloaded from the Internet and email attachments.
• Most commercial anti-virus products can automatically scan and detect backdoor programs before they can cause damage.

TCPView

• TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections.
• On Windows NT, 2000, and XP, TCPView also reports the name of the process that owns the endpoint.

Attacks on Network

Sniffing

• Sniffing is the process of gathering traffic from a network by capturing the data as they pass and storing them to analyze later. It is a Passive Process.
• Sniffers are used to capture traffic sent between two systems.
• Depending on how the sniffer is used and the security measures in place, a hacker can use a sniffer to discover usernames, passwords, and other confidential information transmitted on the network.

ARP Poisoning: Man in the Middle Attack

• The concept of ARP Poisoning (or ARP spoofing) is to set up a man-in-the-middle attack that allows the attacker to insert himself into the communications stream between the victim and the victim's intended communications recipient.
• It involves sending bogus ARP requests to the network device so outbound traffic will be routed to the attacker.
• Hacker uses the concept of ARP Poisoning to redirect all the network traffic to the Sniffer device and get all the Usernames and Passwords sent in the Network.

DNS spoofing

• DNS spoofing (or DNS poisoning) is a technique that tricks a DNS server into believing it has received authentic information when in reality it hasn't.
• When a user requests a certain website URL, the address is looked up on a DNS server to find the corresponding IP address. If the DNS server has been compromised, the user is redirected to a website other than the one that was requested, such as a fake website.

Countering the Network Attacks

• Generally a Client User is not really the concerned person to secure the Network; it is the part of the Network Administration.
• However, the User is still the one who will be directly or indirectly affected by the Network Attacks.

Checking the ARP Table

• ARP is Address Resolution Protocol, which converts the IP Address of a device to its Physical Address.
• Use this command to check the ARP table for your computer and you can easily detect the MITM Attack.
• Command: arp -a

Trace Your Server

• Trace your Server to check if there is an unreliable device in between your computer and your Server.
• Command: tracert ServerIP

Check the Network Connections

• A User must check the network connections which his computer has made to outer devices.
• Command: netstat -a
• Or you can use TCPView to check the network connection details.

Web Server as the Target

Web Operations

Web Server

A computer that is responsible for accepting HTTP requests from clients (user agents such as web browsers), and serving them HTTP responses along with optional data contents, which usually are web pages such as HTML documents and linked objects (images, etc.).

Software to set up a Web Server:

• Apache
• Internet Information Services (IIS)

How Webserver Works: The Basic Process

Let's say that you are sitting at your computer, surfing the Web. So you type that URL into your browser and press return. And magically, no matter where in the world that URL lives, the page pops up on your screen. At the most basic level possible, the following diagram shows the steps that brought that page to your screen: Web browser formed a connection to a Web server, requested a page and received it.

1. Client sends the request for a Webpage on the Webserver.
2. Webserver receives the request and sends the Webpage code to the Client.
3. Client receives the Webpage code, and the Web Browser converts that code in to design and displays it to the User.

Database Server

• The database server is a key component in a client/server environment. It holds the database management system (DBMS) and the databases.
• Upon requests from the client machines, it searches the database for selected records and passes them back over the network.

Software to set up a Database Server:

• Oracle
• SQL Server
• MySql

The Login Process on the Website

Let's say that you are sitting at your computer, surfing the Web, and you open a Website to Login to your account. You type in the Login Username and Password and click on Sign in and you get in to your account.

1. Client sends the request for the Login page on the Webserver.
2. Webserver receives the request and sends the Login page code to the Client.
3. Client receives the Login page code, and the Web Browser converts that code in to design and displays it to the User.
4. Client puts in the Username and Password in the Login page and sends it to the Web Server.
5. Web Server receives the Username and Password and forwards it to the Database server.
6. Database server receives the Username and Password from the Web Server and checks its tables for that Username and Password. After the finding process is complete, the Database Server sends the result of the authentication to the Web Server.
7. Web Server receives the Authentication result from the Database Server and on the basis of the result, redirects the User to the proper Webpage.
8. If the Authentication is True, User gets signed in to the Account, and if it fails User is asked to Sign in again.

Operations of a Database Server

Database server consists of tables and records. Records are kept in tables. These tables and records are updated on a regular basis. Below are the four main working functions of a Database Server.

1. Creation of Records: CREATE
   • Create or add new entries
2. Accessing the Records: READ
   • Read, retrieve, search, or view existing entries
3. Updating the Records: UPDATE
   • Update or edit existing entries
4. Deleting the Records: DELETE
   • Delete existing entries

This is known as CRUD operation of a Database Server.

Syntax Queries:

1. Creating or Inserting the records in the Table
   • INSERT INTO tablename (column1 [, column2, ...]) VALUES (value1 [, value2, ...]);
   • The number of columns and values must be the same. If a column is not specified, the default value for the column is used.
2. Accessing or Reading the Records
   • SELECT column1 [, column2, ...] FROM tablename;
   • SELECT * FROM tablename; (for all the fields)
3. Updating the Records
   • UPDATE tablename SET C1 = 1 WHERE C2 = 'a';
4. Deletion of records
   • DELETE FROM tablename [WHERE condition];

SQL injection

• An SQL injection attack exploits vulnerabilities in a web server database that allow the attacker to gain access to the database and read, modify, or delete information.
• A simple example of a SQL injection attack is to use the single quotation mark as part of an input value to a Web page. These values can be inserted into a login as follows:
  o Login: admin'--
  o Login: admin'#
• Database Server ignores everything after "--" or "#" because these characters are the single line comment sequence. They are needed for inputs and queries to terminate without an error.
• Another example of a SQL injection attack is making the condition true by giving the identical value to a web page. These values can be inserted into a login as follows:
  o Login: 1' or '1'='1 and Password= 1' or '1'='1
  o Login: 1' or '1'='1'--
• When the Username argument is evaluated, '1'='1' will assess to TRUE, and an authentic username will be returned.
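Why the login inputs above succeed, and why bound parameters stop them, is easiest to see with both query styles side by side. This is an added example, not code from the original training material: the table, the accounts and the function names are constructed, and it uses Python's built-in sqlite3 module, which recognises the "--" comment but not "#".

```python
import sqlite3


def make_demo_db():
    """Build an in-memory users table holding constructed sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    # Constructed rows. Plaintext passwords only keep the query in the same
    # shape as the login process described above; a real site stores salted
    # password hashes instead.
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("admin", "S3cret!pass"), ("alice", "wonderland9")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Flawed pattern: user input is concatenated into the SQL text, so a
    quote in the input changes the structure of the query itself."""
    query = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_parameterized(conn, username, password):
    """Hardened pattern: input travels as bound parameters and is only ever
    compared as data, never parsed as SQL."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def compare(conn, username, password):
    """Return (vulnerable result, parameterized result) for one login try."""
    return (
        login_vulnerable(conn, username, password),
        login_parameterized(conn, username, password),
    )


if __name__ == "__main__":
    db = make_demo_db()
    attempts = [
        ("admin", "S3cret!pass"),            # legitimate login
        ("admin", "wrong-password"),         # wrong password
        ("admin'--", "anything"),            # comment sequence from the text
        ("1' or '1'='1", "1' or '1'='1"),    # always-true condition
    ]
    for user, pw in attempts:
        print(repr(user), "->", compare(db, user, pw))
```

Input validation still has value as a second layer, but the parameterized form is what removes the injection point on the server side.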
PHP Injection: Placing PHP Backdoors
• This attack provides the means for a hacker to execute his or her system level code on a target web server. With this capability, an attacker can compromise the web server and access files with the same rights as the server system software.
• For example, a number of PHP programs contain a vulnerability that could enable the transfer of unchecked user commands to the eval( ) function.

Website Enumeration
• Website Enumeration is checking the structure of a Web site.
• It is the ability to copy the structure of a Web site to a local disk and obtain a complete profile of the site and all its files and links.
• Acquiring the files and folders from the Website to the Local Computer. This is also known as Web Ripping.

Google Hacking
• As we all know, Google is a Search Engine. It keeps snapshots of pages it has crawled that we can access via the cached link on the search results page.
• Google hacking can be used to explore the Website by using some Advanced Google search operators. You can look for particular filetypes, password files and directories. You can even find IP based CCTV Cameras.
• Intitle: Searches the text in the title of the Website.
• Inurl: Finding the text in the URL of the Website.
• Filetype: Searching for Files of a Specific Type
• Site: To narrow the Search to Specific Sites

The Wayback Machine
• Archive.org, called the Wayback Machine.
• Hackers use this website to have a look at how other websites looked in the past.

Putting brakes on Web Application attacks
Input Validation on the SQL injection
• There are measures that can be applied to mitigate SQL injection attacks.
• Use of these practices does not guarantee that SQL injection can be completely eliminated, but they will make it more difficult for hackers to conduct these attacks.
• Javascripts are available which allow only known good input from the Web server to the Database server.

Directory access controls
• Htaccess files provide a way to make configuration changes on a per-directory basis.
• .htaccess files should be used in a case where the content providers need to make configuration changes to the server on a per-directory basis, but do not have root access on the server system.

Deny Google to your website
• A robots.txt file on a website will function as a request that specified robots ignore specified files or directories in their search.
• For websites with multiple subdomains, each subdomain must have its own robots.txt file. If example.com had a robots.txt file but a.example.com did not, the rules that would apply for example.com would not apply to a.example.com.

Basic Website Security
• Put Input Validation in place as a countermeasure against SQL Injection.
• Do not allow every type of file to get uploaded on your Website.
• Check the files on the Website regularly.
• Always change the default Username and Passwords.

Wireless Hacking

The popularity in wireless technology is driven by two major factors: convenience and cost. A wireless local area network (WLAN) allows workers to access digital resources without being locked to their desks. Mobile users can connect to a local area network (LAN) through a wireless (radio) connection.

Basic Terminologies in Wireless connection
• SSID: Name of the Wireless Connection. It is also known as the ESSID.
• BSSID: MAC Address of the Wireless Device Access Point.
• Channel: Frequency of the Wireless Network.

Wireless Security Overview
• Two methods exist for authenticating wireless LAN clients to an access point: Open system or Shared key authentication.
• Open system does not provide any security mechanisms but is simply a request to make a connection to the network.
• Shared key authentication has the wireless client hash a string of challenge text with the WEP key to authenticate to the network.

War Driving
• War Driving is detecting the Wireless Networks and checking out their properties.
• War Driving is of two types:
o Active War Driving
o Passive War Driving

Active War Driving
• Active War Driving is detecting the Wireless Networks whose SSIDs are broadcasted or the Wireless Networks which are shown to all the Wireless Adapters.
• It can be done through any Wireless Card.

Passive War Driving
• Passive War Driving is detecting the Wireless Networks whose SSIDs are not Broadcasted or the Hidden Wireless Networks.
• The Wireless card should support the Monitor Mode.

WEP Key Cracking
• Wired Equivalent Privacy (WEP) was the first security option for 802.11 WLANs. WEP is used to encrypt data on the WLAN and can optionally be paired with shared key authentication to authenticate WLAN clients. WEP uses an RC4 64-bit or 128-bit encryption key.
• The process by which RC4 uses IVs is the real weakness of WEP: It allows a hacker to crack the WEP key.

WPA: Wi-Fi Protected Access
• WPA employs the Temporal Key Integrity Protocol (TKIP), which is a safer RC4 implementation, for data encryption and either WPA Personal or WPA Enterprise for authentication.
• TKIP rotates the data encryption key to prevent the vulnerabilities of WEP and, consequently, cracking attacks.
• WPA Enterprise is a more secure, robust security option but relies on the creation and more complex setup of a RADIUS server.

Applying the Wireless Security

Hide the Wireless Network
• Do not broadcast the SSID of the Wireless Network. This will help protect your Wireless Network by making it invisible to people who do not know about Passive War Driving.

Use a WEP Key
• You can use the WEP Key protection on your Wireless Network to protect your Wireless Network Connection. Although this is not the ultimate security measure, it will help you a lot against the Script Kiddies who do not know how to break into the WEP Protection.

Mac Filtering
• An early security solution in WLAN technology used MAC address filters: A network administrator entered a list of valid MAC addresses for the systems allowed to associate with the Wireless Access Point.

Choosing the Best Key
• Always use a long WPA Key with lower as well as upper case letters including numbers and special characters.
A Sample Key: 12345@abcde&FGHI

Tool Kit Description

Concept of Hacking
• Book: Hacking for Dummies by Kevin Beaver
o This book outlines computer hacker tricks and techniques, in plain English, to assess the security of your own information systems, find security vulnerabilities, and fix the vulnerabilities before malicious and criminal hackers have an opportunity to take advantage of them.
• UltraSurf: Https Tunneling Tool
o UltraSurf protects your Internet privacy with anonymous surfing and browsing: hide IP addresses and locations, clean browsing history, cookies and more. It supports https tunneling. You can visit "https" websites through UltraSurf. Because contents in "https" websites are encrypted already, data from these websites will be double protected through UltraSurf.

Email Hacking
• Putty: Telnet Connection tool
o Putty is a Connection based tool used to set up the Telnet connection with the Open Relay Server to send the Fake Emails.
• Fakemail.php: PHP Fakemail Web Script
o This is the PHP Webmail Script, which is used to send Fake Emails when uploaded on the Web Server.

System Hacking
• Cain and Abel: Password Cracking Tool
o Cain is the tool to crack the Windows Password using several types of Automated Password Guessing attacks like Brute Force.
• Offline Password Cracker: Windows Live Disk
o This is Windows Live Disk used to reset the Password of any User Account in Windows XP and Windows Vista. This disk is also used for the Privilege Escalation.
• Active Password Cracker
o This is Windows Live USB Disk used to Crack the Windows User Accounts password.
• Soft Central Keylogger: Keylogger
o This is Software Keylogger which can be installed automatically on the Victim's computer. This program records every keystroke typed in via the keyboard; it can capture a wide variety of confidential information, including passwords, credit card numbers, private email correspondence, names, addresses, and phone numbers.
• Streams: Streaming Tool
o Streams will examine the files and directories you specify and inform you of the name and sizes of any named streams it encounters within those files. Streams makes use of an undocumented native function for retrieving file stream information.
• Image Hide: Steganography Tool
o Image Hide hides loads of text in images using the concept of Steganography.
• Password Recovery Tools
• Process Explorer
o This is the utility that displays detailed information about processes running under Windows. For each process it displays memory, threads, and module usage. For each DLL, it shows full path and version information.

Trojan
• Beast: Trojan
• Netbus: Trojan
o These are the Trojans which are used for the Remote Administrator of the Victim's computer.
• Microjoiner: Wrapper Program
o This is the program to bind the Server part of the Software behind any image or any other file.
• TCPView: Local Network Connection Viewer
o TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections.

Sniffing
• Cain and Abel: ARP Poisoning Tool
o Apart from Password Cracking, Cain can also be used to Sniff the Network traffic and launch the Man in the Middle attack. Hacker uses this tool to redirect all the network traffic to the Sniffer device and get all the Username and Password sent in the Network.

Web Server Hacking
• Book: Dangerous Google-Searching For Secrets
• Black Widow: Web Ripper
o Black Widow has the ability to copy the structure of a Web site to a local disk and obtain a complete profile of the site and all its files and links.
• PH.php: Remote Execution Script
o This PHP Script provides the means for a hacker to execute his or her system level code on a target web server.

Wireless Hacking
• Net Stumbler: War Driving Tool
o This is the best War Driving tool available for Windows.
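On the WEP Key Cracking statement that the way RC4 uses IVs is WEP's weakness, an added example that is not part of the original training material: WEP forms each packet's RC4 key by prepending a 24-bit IV, sent in the clear, to the shared key, so two frames with the same IV are encrypted with the same keystream. The key, IV and payloads below are constructed, the function names are illustrative, and the CRC-32 integrity value WEP appends is left out.

```python
def rc4_keystream(key: bytes, length: int) -> bytes:
    # Standard RC4: key scheduling, then pseudo-random generation.
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, wep_key: bytes, payload: bytes) -> bytes:
    # Per-packet RC4 key = 3-byte IV || shared WEP key (ICV omitted here).
    return xor(payload, rc4_keystream(iv + wep_key, len(payload)))

def frames_for_iv_collision(probability: float = 0.5, iv_bits: int = 24) -> int:
    # Birthday bound: frames with random IVs until a repeat is this likely.
    space, unique, n = 2 ** iv_bits, 1.0, 0
    while 1.0 - unique < probability:
        unique *= (space - n) / space
        n += 1
    return n

WEP_KEY = bytes.fromhex("0102030405")   # constructed 40-bit key ("64-bit" WEP)
P1 = b"GET /index.html HTTP/1.1"        # constructed payloads of equal length
P2 = b"POST /login.php HTTP/1.1"

def same_iv_leak() -> bool:
    iv = bytes.fromhex("aabbcc")         # constructed IV, reused for both frames
    c1, c2 = wep_encrypt(iv, WEP_KEY, P1), wep_encrypt(iv, WEP_KEY, P2)
    # The keystream cancels: ciphertext XOR equals plaintext XOR, key unknown.
    return xor(c1, c2) == xor(P1, P2)
```

Because the IV space is only 24 bits, a repeat becomes likely after a few thousand frames, which is why rotating keys per packet (TKIP) or moving off WEP is the fix rather than choosing a longer WEP key.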