ETHICAL HACKING
Internship Report for the award of two credits
Submitted by YEDDULA SHREESH REDDY
B.E (ECE) 3rd SEMESTER
Roll Number : 160121735135
Internship (course) is carried out at INTERNSHALA
Internship: 15-12-2022 to 29-01-2023 (08 weeks)
Chaitanya Bharathi Institute of Technology (A)
HYDERABAD -500 075
FEBRUARY 2023

ACKNOWLEDGEMENT

I would like to express my sincere gratitude to INTERNSHALA for delivering such an insightful and practical machine learning course. Their passion for the subject matter was contagious and their guidance and support were invaluable throughout the course.

I would also like to thank the department of Electronics and Communication Engineering (ECE) for letting me pursue this course and for their unwavering support throughout. I am also grateful to Chaitanya Bharathi Institute of Technology for providing access to the course and for their commitment to delivering high-quality education in the field of ethical hacking.

I would also like to thank my classmates for their collaborative learning, support, and feedback. The assignments and discussions were intellectually stimulating and provided a rich and diverse learning experience.

Finally, I would like to thank my family and friends for their unwavering support and encouragement throughout my academic journey. Their support has been a constant source of inspiration and motivation.

Table of Contents
-> Abstract
-> Introduction
-> Ethical Hacking
-> Methodology
   o The Phases of Ethical Hacking
   o Identifying Types of Hacking Technologies
   o Identifying Types of Ethical Hacks
   o Understanding Testing Types
-> Discussion
-> Conclusions and recommendations
-> References

Abstract

Information security is the fastest growing area in the Information Technology (IT) sector. Security would be an easy process if all that had to be done were to install a firewall and anti-virus software, but the reality is that securing information requires a multi-layered approach.
Obtaining this requires adopting measures to prevent the unauthorised use, misuse, modification or denial of use of knowledge, facts, data, or capabilities, and it requires taking a proactive approach to managing the risk. This is where ethical hackers come into play. Ethical hacking is an "art" in the sense that the "artist" must possess the skills and knowledge of a potential attacker (to imitate an attack) and the resources with which to mitigate the vulnerabilities used by attackers. Ethical hacking is the process of analysing the threat posed to a given system or network by modelling the actions of an adversary.

This paper describes ethical hackers: their skills, their attitudes, and how they go about helping their customers find and plug up security holes. The ethical hacking process is explained in detail. Successful ethical hackers possess a variety of skills. Primarily, they must be completely trustworthy. The ethical hacker often holds the “keys to the company.” Modern security efforts have to plan for the unplanned and anticipate attacks before they occur. Ethical hacking is booming, and it is high time every company recognized the need for a potential professional ethical hacker. Ethical hacking is not just necessary; it is inevitable.

Introduction

The explosive growth of the Internet has brought many good things: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and new avenues for advertising and information distribution, to name a few. As with most technological advances, there is also a dark side: criminal hackers.
Governments, companies, and private citizens around the world are anxious to be a part of this revolution, but they are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on-line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet. With these concerns and others, the ethical hacker can help. This paper describes ethical hackers: their skills, their attitudes, and how they go about helping their customers find and plug up security holes.

HACKING

Who are these Hackers?

The term "hacker" has a dual usage in the computer industry today. Originally, the term was defined as an enthusiastic and skillful computer programmer or user. Recently, hacker has taken on a new meaning: someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers). Crackers break into (crack) systems with malicious intent.

Categories of Hacker

There are a number of categories of hackers, such as Black Hats, who are highly skilled but have malevolent and detrimental intent. White Hats, in contrast, are hackers who use their talent to protect and defend networks. Grey Hats hack for different reasons, either ethically or unethically, depending on the situation and circumstances at hand. Script Kiddies use existing computer scripts or code to hack into computers, lacking the expertise to write their own. Hacktivists are computer hackers whose activity is aimed at promoting a social or political cause. Corporations hire hackers to infiltrate the competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy Hackers may use similar tactics as hacktivists, but their only agenda is to serve their client's goals and be paid.
Cyber Terrorists are those hackers who, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures.

HISTORY HIGHLIGHTS:

In one early ethical hack, the United States Air Force conducted a “security evaluation” of the Multicast operating systems for “potential use as a two-level (secret/top secret) system.” With the growth of computer networking, and of the Internet in particular, computer and network vulnerability studies began to appear outside of the military establishment. Most notable of these was the work by Farmer and Venema, which was originally posted to Usenet in December of 1993.

Figure 1 History

Ethical hacking

“Ethical Hacking” is the process of entering into a hacker's mindset in order to spot system vulnerabilities by performing typical hacks in a controlled environment. Ethical hacking, also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is legal. Ethical hacking is performed with the target's permission. The intent of ethical hacking is to discover vulnerabilities from a hacker's viewpoint so systems can be better secured. It is part of an overall information risk management program that allows for on-going security improvements. Ethical hacking can also ensure that vendors' claims about the security of their products are legitimate.

What Do Ethical Hackers Do?

Ethical hacking is not a clandestine operation from the point of view of the organization to which the ethical hacker belongs. It is done with appropriate directions and it is meant to serve the desired objective and to test the working of the system and the possible problems that it may encounter. White hats are the skilled computer experts who are in a position to gauge the vulnerabilities in the computer systems from every angle and who will suggest procedures to plug the loopholes.
These loopholes, if not tackled in time, may be exploited by those working within the organization or by outside agencies, possibly the competitors of the company: the black hats. White hats devise methods to counter black hats, to keep the secrets of the company secure and to protect its business interests. The technical difference between ethical hacking and hacking is zero, but the moral difference is substantive. The fact that the ethical hacker is able to protect the system implies that he has the skills to penetrate or crash other systems, and to check moves by a prospective hacker to create mischief for the organization for which the ethical hacker is working. Therefore, the difference between a white hat and a black hat is one of perspective. A black hat in one organization can be the white hat for other organizations if he switches employment.

Concerns about information theft:

The Internet revolution and expertise in computer operations have created grave problems relating to the confidentiality of data. Government organizations dealing with the defence of the country and security are at special risk. For business establishments, details related to market strategy and other consumer information are of supreme importance for chalking out future strategies. If enemy countries or business competitors are able to lay hands on classified information, serious trouble can be in store. So establishments constantly review the system and plug the loopholes to make it impenetrable. White hats have a tremendous responsibility and the top management looks to them with high hopes.

An ideal ethical hacker:

Apart from formal knowledge about the working of computers, an ethical hacker creates his own syllabus. For some computer-savvy individuals, this area is of great interest and their creative genius finds an outlet. He is an original thinker, who evaluates the issues outside the box and gives original solutions to prevent encroachment by black hats.
He is well versed in multiple computer codes and strong in mathematics. They need to train the mind to experiment with destructive ideas, such as how damage could be caused to the property of the intended target by creating viruses, etc.

Required Skills of an Ethical Hacker

Routers – Knowledge of routers, routing protocols, and access control lists (ACLs). Certifications such as Cisco Certified Network Associate (CCNA) or Cisco Certified Internetworking Expert (CCIE) can be helpful.

Microsoft – Skills in the operation, configuration, and management of Microsoft-based systems. These can run the gamut from Windows NT to Windows 2003. These individuals might be Microsoft Certified Administrator (MCSA) or Microsoft Certified Security Engineer (MCSE) certified.

Linux – A good understanding of the Linux/UNIX OS. This includes security settings, configuration, and services such as Apache. These individuals may be Red Hat or Linux+ certified.

Firewalls – Knowledge of firewall configuration and the operation of intrusion detection systems (IDS) and intrusion prevention systems (IPS) can be helpful when performing a security test. Individuals with these skills may be certified in Cisco Certified Security Professional (CCSP) or Checkpoint Certified Security Administrator (CCSA).

Mainframes – Although mainframes do not hold the position of dominance they once had in business, they are still widely used. If the organization being assessed has mainframes, the security teams would benefit from having someone with that skill set on the team.

Network protocols – Most modern networks are TCP/IP, although you might still find the occasional network that uses Novell or Apple routing information. Someone with good knowledge of networking protocols, as well as how these protocols function and can be manipulated, can play a key role in the team. These individuals may possess certifications in other OSes or hardware, or even possess a Network+ or Security+ certification.
Project management – Someone will have to lead the security test team, and if you are chosen to be that person, you will need a variety of the skills and knowledge types listed previously. It can also be helpful to have good project management skills. After all, you will be leading, planning, organizing, and controlling the penetration test team. Individuals in this role may benefit from having Project Management Professional (PMP) certification.

On top of all this, ethical hackers need to have good report writing skills and must always try to stay abreast of current exploits, vulnerabilities, and emerging threats, as their goal is to stay a step ahead of malicious hackers.

Methodology

The Phases of Ethical Hacking

The process of ethical hacking can be broken down into five distinct phases. An ethical hacker follows processes similar to those of a malicious hacker. The steps to gain and maintain entry into a computer system are similar no matter what the hacker's intentions are. Figure 1.1 illustrates the five phases that hackers generally follow in hacking a computer system.

Figure 2 Phases of hacking

Phase 1: Passive and Active Reconnaissance

Passive reconnaissance involves gathering information about a potential target without the targeted individual's or company's knowledge. Passive reconnaissance can be as simple as watching a building to identify what time employees enter the building and when they leave. However, most reconnaissance is done sitting in front of a computer. When hackers are looking for information on a potential target, they commonly run an Internet search on an individual or company to gain information. Many of us have performed the same search on our own name or a potential employer, or just to gather information on a topic. This process, when used to gather information regarding a target of evaluation (TOE), is generally called information gathering. Social engineering and dumpster diving are also considered passive information-gathering methods.
Sniffing the network is another means of passive reconnaissance and can yield useful information such as IP address ranges, naming conventions, hidden servers or networks, and other available services on the system or network. Sniffing network traffic is similar to building monitoring: a hacker watches the flow of data to see what time certain transactions take place and where the traffic is going. Sniffing network traffic is a common hook for many ethical hackers. Once they use some of the hacking tools and are able to see all the data that is transmitted in the clear over the communication networks, they are eager to learn and see more. Sniffing tools are simple and easy to use and yield a great deal of valuable information. Many times this includes usernames, passwords, and other sensitive data. This is usually quite an eye-opening experience for many network administrators and security professionals and leads to serious security concerns.

Active reconnaissance involves probing the network to discover individual hosts, IP addresses, and services on the network. This process involves more risk of detection than passive reconnaissance and is sometimes called rattling the doorknobs. Active reconnaissance can give a hacker an indication of security measures in place (is the front door locked?), but the process also increases the chance of being caught or at least raising suspicion. Many software tools that perform active reconnaissance can be traced back to the computer that is running the tools, thus increasing the chance of detection for the hacker.

Both passive and active reconnaissance can lead to the discovery of useful information to use in an attack. For example, it is usually easy to find the type of web server and the operating system (OS) version number that a company is using. This information may enable a hacker to find a vulnerability in that OS version and exploit the vulnerability to gain more access.
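
The point above, that active reconnaissance can be traced back to the machine running the tools, is what a defender relies on. The following is an added example, not part of the original report: a small detector that reads firewall-style log lines and flags sources that probe many ports on one host or one port on many hosts within a short window. The log format, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed firewall-style log lines (illustrative, not real traffic)."""
    t0 = datetime(2023, 1, 10, 9, 0, 0)

    def line(seconds, src, dst, dport, action):
        stamp = (t0 + timedelta(seconds=seconds)).isoformat()
        return f"{stamp} src={src} dst={dst} dport={dport} action={action}"

    lines = []
    # Ordinary client: a few HTTPS connections to one server.
    for i in range(4):
        lines.append(line(20 * i, "10.0.0.5", "10.0.1.10", 443, "ALLOW"))
    # Probing many ports on one host: 15 different ports, one per second.
    for i in range(15):
        lines.append(line(i, "10.0.0.66", "10.0.1.10", 20 + i, "DENY"))
    # Sweep: the same port tried on 6 different hosts within 6 seconds.
    for i in range(6):
        lines.append(line(i, "10.0.0.77", f"10.0.1.{i + 1}", 22, "DENY"))
    # Admin host: 12 services on one server, but 10 minutes apart each.
    for i in range(12):
        lines.append(line(600 * i, "10.0.0.8", "10.0.1.10", 8000 + i, "ALLOW"))
    lines.append("corrupted line without fields")
    return lines


def parse_line(text):
    """Return (timestamp, src, dst, dport), or None if the line is malformed."""
    parts = text.split()
    if len(parts) < 4:
        return None
    try:
        ts = datetime.fromisoformat(parts[0])
        fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
        return ts, fields["src"], fields["dst"], int(fields["dport"])
    except (ValueError, KeyError):
        return None


def detect_scanners(lines, window=timedelta(seconds=60),
                    port_threshold=10, host_threshold=5):
    """Map each suspicious source address to the kinds of probing seen.

    "port-scan":  >= port_threshold distinct ports on one host in the window.
    "host-sweep": >= host_threshold distinct hosts on one port in the window.
    """
    by_source = defaultdict(list)
    for text in lines:
        record = parse_line(text)
        if record is not None:
            by_source[record[1]].append(record)

    findings = {}
    for src, records in by_source.items():
        records.sort()
        start = 0
        for end in range(len(records)):
            # Slide the window so it never spans more than `window`.
            while records[end][0] - records[start][0] > window:
                start += 1
            ports_per_host = defaultdict(set)
            hosts_per_port = defaultdict(set)
            for _, _, dst, dport in records[start:end + 1]:
                ports_per_host[dst].add(dport)
                hosts_per_port[dport].add(dst)
            if any(len(p) >= port_threshold for p in ports_per_host.values()):
                findings.setdefault(src, set()).add("port-scan")
            if any(len(h) >= host_threshold for h in hosts_per_port.values()):
                findings.setdefault(src, set()).add("host-sweep")
    return {src: sorted(kinds) for src, kinds in findings.items()}


if __name__ == "__main__":
    for source, kinds in detect_scanners(build_sample_log()).items():
        print(source, kinds)
```

The ordinary client and the admin host stay below both thresholds, so only the two probing sources are reported.
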
Phase 2: Scanning

Scanning involves taking the information discovered during reconnaissance and using it to examine the network. Tools that a hacker may employ during the scanning phase include
o Diallers
o Port scanners
o Internet Control Message Protocol (ICMP) scanners
o Ping sweeps
o Network mappers
o Simple Network Management Protocol (SNMP) sweepers
o Vulnerability scanners

Hackers are seeking any information that can help them perpetrate an attack on a target, such as the following:
· Computer names
· Operating system (OS)
· Installed software
· IP addresses
· User accounts

Phase 3: Gaining Access

Phase 3 is when the real hacking takes place. Vulnerabilities exposed during the reconnaissance and scanning phase are now exploited to gain access to the target system. The hacking attack can be delivered to the target system via a local area network (LAN), either wired or wireless; local access to a PC; the Internet; or offline. Examples include stack-based buffer overflows, denial of service, and session hijacking. Gaining access is known in the hacker world as owning the system because once a system has been hacked, the hacker has control and can use that system as they wish.

Phase 4: Maintaining Access

Once a hacker has gained access to a target system, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.

Phase 5: Covering Tracks

Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action.
Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms. Examples of activities during this phase of the attack include
o Steganography
o Using a tunnelling protocol
o Altering log files

Identifying Types of Hacking Technologies

Many methods and tools exist for locating vulnerabilities, running exploits, and compromising systems. Once vulnerabilities are found in a system, a hacker can exploit that vulnerability and install malicious software. Trojans, backdoors, and rootkits are all forms of malicious software, or malware. Malware is installed on a hacked system after a vulnerability has been exploited.

Buffer overflows and SQL injection are two other methods used to gain access into computer systems. Buffer overflows and SQL injection are used primarily against application servers that contain databases of information.

Most hacking tools exploit weaknesses in one of the following four areas:

Operating Systems: Many system administrators install operating systems with the default settings, resulting in potential vulnerabilities that remain unpatched.

Applications: Applications usually are not thoroughly tested for vulnerabilities when developers are writing the code, which can leave many programming flaws that a hacker can exploit. Most application development is “feature-driven,” meaning programmers are under a deadline to turn out the most robust application in the shortest amount of time.

Shrink-Wrap Code: Many off-the-shelf programs come with extra features the common user is not aware of, and these features can be used to exploit the system. The macros in Microsoft Word, for example, can allow a hacker to execute programs from within the application.

Misconfigurations: Systems can also be misconfigured or left at the lowest common security settings to increase ease of use for the user; this may result in a vulnerability and an attack.
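
Phase 5 above lists altering log files as a way of covering tracks. As an added example that is not part of the original report, the sketch below shows one way a defender can make such changes evident: each log entry carries an HMAC that also covers the previous entry's HMAC, and the newest value is kept on a separate system. The key, the messages and the function names are constructed assumptions.

```python
import hashlib
import hmac

GENESIS = "0" * 64  # fixed starting value that the first entry chains from

# Constructed sample events (illustrative only).
SAMPLE_EVENTS = [
    "09:00:01 sshd: accepted login for alice from 10.0.0.5",
    "09:02:17 sudo: alice ran /usr/bin/systemctl restart nginx",
    "09:05:40 sshd: failed login for root from 10.0.0.66",
    "09:05:44 sshd: accepted login for root from 10.0.0.66",
    "09:06:02 useradd: new account 'support' created",
]


def _mac(key, prev_mac, message):
    """HMAC-SHA256 over the previous entry's MAC plus this message."""
    data = (prev_mac + "\n" + message).encode("utf-8")
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def append_entry(chain, key, message):
    """Append a message to the chain and return the new head MAC.

    Assumption: the key lives on a separate log collector, not on the
    monitored host, and the returned head is stored there as well.
    """
    prev_mac = chain[-1]["mac"] if chain else GENESIS
    entry = {"msg": message, "mac": _mac(key, prev_mac, message)}
    chain.append(entry)
    return entry["mac"]


def verify_chain(chain, key, trusted_head=None):
    """Check a chain and report the first problem found.

    Returns ("ok", None), ("altered", index) for the first entry whose MAC
    does not match (edited, deleted-before, or reordered), or
    ("truncated", length) when the entries are internally consistent but do
    not end at the head value kept on the separate system.
    """
    prev_mac = GENESIS
    for index, entry in enumerate(chain):
        expected = _mac(key, prev_mac, entry["msg"])
        if not hmac.compare_digest(expected, entry["mac"]):
            return ("altered", index)
        prev_mac = entry["mac"]
    if trusted_head is not None and not hmac.compare_digest(prev_mac, trusted_head):
        return ("truncated", len(chain))
    return ("ok", None)


def demo():
    """Build a chain from the sample events and check three tampered copies."""
    key = b"constructed-demo-key"
    chain, head = [], None
    for message in SAMPLE_EVENTS:
        head = append_entry(chain, key, message)

    edited = [dict(e) for e in chain]
    edited[3]["msg"] = "09:05:44 sshd: accepted login for alice from 10.0.0.5"
    deleted = chain[:4]           # last entry removed
    cut_middle = chain[:2] + chain[3:]  # one entry removed from the middle

    return {
        "intact": verify_chain(chain, key, head),
        "edited": verify_chain(edited, key, head),
        "deleted_tail": verify_chain(deleted, key, head),
        "deleted_middle": verify_chain(cut_middle, key, head),
    }


if __name__ == "__main__":
    for name, status in demo().items():
        print(name, status)
```

Removing entries from the end is only detected because the head value is compared against the copy held elsewhere; the chain alone cannot show that.
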
Identifying Types of Ethical Hacks

Ethical hackers use many different methods to breach an organization's security during a simulated attack or penetration test. Most ethical hackers have a specialty in one or a few of the following attack methods. In the initial discussion with the client, one of the questions that should be asked is whether there are any specific areas of concern, such as wireless networks or social engineering. This enables the ethical hacker to customize the test to be performed to the needs of the client. Otherwise, security audits should include attempts to access data from all of the following methods.

Here are the most common entry points for an attack:

Remote Network- A remote network hack attempts to simulate an intruder launching an attack over the Internet. The ethical hacker tries to break or find a vulnerability in the outside defences of the network, such as firewall, proxy, or router vulnerabilities. The Internet is thought to be the most common hacking vehicle, while in reality most organizations have strengthened their security defences sufficiently to prevent hacking from the public network.

Remote Dial-Up Network- A remote dial-up network hack tries to simulate an intruder launching an attack against the client's modem pools. War dialling is the process of repetitive dialling to find an open system and is an example of such an attack. Many organizations have replaced dial-in connections with dedicated Internet connections, so this method is less relevant than it once was.

Local Network- A local area network (LAN) hack simulates someone with physical access gaining additional unauthorized access using the local network. The ethical hacker must gain direct access to the local network in order to launch this type of attack. Wireless LANs (WLANs) fall in this category and have added an entirely new avenue of attack as radio waves travel through building structures.
Because the WLAN signal can be identified and captured outside the building, hackers no longer have to gain physical access to the building and network to perform an attack on the LAN. Additionally, the huge growth of WLANs has made this an increasing source of attack and potential risk to many organizations.

Stolen Equipment- A stolen-equipment hack simulates theft of a critical information resource such as a laptop owned by an employee. Information such as usernames, passwords, security settings, and encryption types can be gained by stealing a laptop. This is usually an area overlooked by many organizations. Once a hacker has access to a laptop authorized in the security domain, a lot of information, such as security configuration, can be gathered. Many times laptops disappear and are not reported quickly enough to allow the security administrator to lock that device out of the network.

Social Engineering- A social-engineering attack checks the security and integrity of the organization's employees by using the telephone or face-to-face communication to gather information for use in an attack. Social-engineering attacks can be used to acquire usernames, passwords, or other organizational security measures. Social-engineering scenarios usually consist of a hacker calling the help desk and talking the help desk employee into giving out confidential security information.

Physical Entry- A physical-entry attack attempts to compromise the organization's physical premises. An ethical hacker who gains physical access can plant viruses, Trojans, rootkits, or hardware key loggers (physical devices used to record keystrokes) directly on systems in the target network. Additionally, confidential documents that are not stored in a secure location can be gathered by the hacker. Lastly, physical access to the building would allow a hacker to plant a rogue device such as a wireless access point on the network.
The hacker could then use these devices to access the LAN from a remote location.

Understanding Testing Types

When performing a security test or penetration test, an ethical hacker utilizes one or more types of testing on the system. Each type simulates an attacker with different levels of knowledge about the target organization. These types are as follows:

Black Box- Black-box testing involves performing a security evaluation and testing with no prior knowledge of the network infrastructure or system to be tested. Testing simulates an attack by a malicious hacker outside the organization's security perimeter. Black-box testing can take the longest amount of time and most effort, as no information is given to the testing team. Therefore, the information-gathering, reconnaissance, and scanning phases will take a great deal of time. The advantage of this type of testing is that it most closely simulates a real malicious attacker's methods and results. The disadvantages are primarily the amount of time and consequently the additional cost incurred by the testing team.

White Box- White-box testing involves performing a security evaluation and testing with complete knowledge of the network infrastructure, such as a network administrator would have. This testing is much faster than the other two methods, as the ethical hacker can jump right to the attack phase, thus bypassing all the information-gathering, reconnaissance, and scanning phases. Many security audits consist of white-box testing to avoid the additional time and expense of black-box testing.

Gray Box- Gray-box testing involves performing a security evaluation and testing internally. Testing examines the extent of access by insiders within the network. The purpose of this test is to simulate the most common form of attack, those that are initiated from within the network. The idea is to test or audit the level of access given to employees or contractors and see if those privileges can be escalated to a higher level.
In addition to the various types of technologies a hacker can use, there are different types of attacks. Attacks can be categorized as either passive or active. Passive and active attacks are used on both network security infrastructures and on hosts. Active attacks alter the system or network they are attacking, whereas passive attacks attempt to gain information from the system. Active attacks affect the availability, integrity, and authenticity of data; passive attacks are breaches of confidentiality.

In addition to the active and passive categories, attacks are categorized as either inside attacks or outside attacks. An attack originating from within the security perimeter of an organization is an inside attack and usually is caused by an “insider” who gains access to more resources than expected. An outside attack originates from a source outside the security perimeter, such as the Internet or a remote access connection.

Discussion

Understanding the true intentions of the public is quite a hard task these days, and it is even harder to understand the intentions of every single ethical hacker getting into vulnerable systems or networks. Technology is ever growing and we are encountering tools that are beneficial to the public, but in the wrong hands can create great controversy, breaching our basic right to privacy, respect and free will.

Ethical hacking nowadays is the backbone of network security. Each day its relevance is increasing. The major pros and cons of ethical hacking are given below.

Drawbacks of Ethical Hacking:

As with all types of activities that have a darker side, there will be dishonest people presenting drawbacks. The possible drawbacks of ethical hacking include:
-> The ethical hacker using the knowledge they gain to do malicious hacking activities.
-> Allowing the company's financial and banking details to be seen.
-> The possibility that the ethical hacker will send and/or place malicious code, viruses, malware and other destructive and harmful things on a computer system.
-> Massive security breach.

These are not common; however, they are something all companies should consider when using the services of an ethical hacker.

Benefits of Ethical Hacking:

Most of the benefits of ethical hacking are obvious, but many are overlooked. The benefits range from simply preventing malicious hacking to preventing national security breaches. The benefits include:
-> Fighting against terrorism and national security breaches.
-> Having a computer system that prevents malicious hackers from gaining access.
-> Having adequate preventative measures in place to prevent security breaches.

Future enhancements:

As it is an evolving branch, the scope of enhancement in technology is immense. No ethical hacker can ensure system security by using the same technique repeatedly. He would have to improve, develop and explore new avenues repeatedly. More enhanced software should be used for optimum protection. Tools used need to be updated regularly, and more efficient ones need to be developed.

Conclusions and Recommendations

To conclude, the paper reports a lot of relevant information that will raise issues in the future and whether the problem needs to be handled. Technology has continued to grow at a high rate over the years and continues to do so; scholars are putting themselves in vulnerable positions by helping individuals to hack. The mind is a very powerful tool that has no control; the control will continue to grow proportionally with the desire to get knowledge of something that is impossible to achieve in its entity, but not forgotten in its entirety. Hackers will always find ways of getting into systems, whether they are doing it for good or bad.

One of the main aims of the seminar is to make others understand that there are so many tools through which a hacker can get into a system.
Let's check its various needs from various perspectives.

● Student
A student should understand that no software is made with zero vulnerabilities. Therefore, while they are studying they should study the various possibilities and how to prevent them, because they are the professionals of tomorrow.

● Professionals
Professionals should understand that business is directly related to security. Therefore, they should make new software with as few vulnerabilities as possible. If they are not aware of these, then they won't be cautious enough in security matters.

In the preceding sections, we saw the methodology of hacking, why we should be aware of hacking, and some tools that a hacker may use. Now we can see what we can do against hacking, or to protect ourselves from hacking.

● The first thing we should do is to keep ourselves updated about the software we are using, from official and reliable sources.
● Educate the employees and the users against black hat hacking.
● Use every possible security measure, like honey pots, intrusion detection systems, firewalls, etc.
● Always make our passwords strong by making them longer and harder to crack.

Regular auditing, vigilant intrusion detection, good system administration practice, and computer security awareness are all essential parts of an organization's security efforts. A single failure in any of these areas could very well expose an organization to cyber-vandalism, embarrassment, loss of revenue or mind share, or worse. Any new technology has its benefits and its risks. While ethical hackers can help clients better understand their security needs, it is up to the clients to keep their guards in place.