Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

What Is Hacking

advertisement 
MSBTE State Level Technical
Paper Presentation Competition
Hacking
Authors :
Mr. Sunny R. Lulla
Mr. Anil N. Lulla
Miss. Harsha Punjabi
Institute of Technology
Ulhasnagar
“HACKING”
What Is Hacking???
Hacker is one of those terms that has a different meaning depending on who uses it.
Among programmers, to be a hacker is to be a star. Hackers are programming code jockeys
that can throw together bits of miraculous pieces of programming seemingly at will. They are
gurus. People who modify computer and other pieces of electronic hardware are also
sometimes called hackers.
Hacking is a felony in the United States and most other countries. When it is done by request
and under a contract between an ethical hacker and an organization, it's OK. The key
difference is that the ethical hacker has authorization to probe the target.
Types of Hackers:1. Script Kiddies
2. White Hat Hackers
3. Black Hat Hackers
4. Gray Hat Hackers
5. Blue Hat Hackers
Script kiddies
Script kiddies is a pejorative term for a computer intruder with little or no skill; a person who
simply follows directions or uses a cook-book approach without fully understanding the
meaning of the steps they are performing.
White hat
A white hat hacker or ethical hacker is someone who breaks security but who does so for
altruistic or at least non-malicious reasons. White hats generally have a clearly defined code
of ethics, and will often attempt to work with a manufacturer or owner to improve discovered
security weaknesses, although many reserve the implicit or explicit threat of public disclosure
after a "reasonable" time as a prod to ensure timely response from a corporate entity. The
term is also used to describe hackers who work to deliberately design and code more secure
systems. To white hats, the darker the hat, the more the ethics of the activity can be
considered dubious. Conversely, black hats may claim the lighter the hat, the more the ethics
of the activity are lost.
Black Hat
A black hat hacker is someone who subverts computer security without authorization or who
uses technology (usually a computer or the Internet) for terrorism, vandalism, credit card
fraud, identity theft, intellectual property theft, or many other types of crime. This can mean
taking control of a remote computer through a network, or software cracking.
Gray hat
A grey hat hacker is a hacker of ambiguous ethics and/or borderline legality, often frankly
admitted.
Blue Hat
A blue hat hacker is someone outside computer security consulting firms that are used to bug
test a system prior to its launch, looking for exploits so they can be closed. The term has also
been associated with a roughly annual security conference by Microsoft, the unofficial name
coming from the blue color associated with Microsoft employee badges.
Common methods
There are several recurring tools of the trade and techniques used by computer criminals and
security experts:
1. Security exploit
2. Packet Sniffer
3. Spoofing attack
4. Trojan horse
5. Virus
6. worm
Security exploit
A security exploit is a prepared application that takes advantage of a known weakness.
Packet Sniffer
packet sniffer is an application that captures TCP/IP data packets, which can maliciously be
used to capture passwords and other data while it is in transmit either within the computer or
over the network.
Spoofing attack
A spoofing attack is a situation in which one person or program successfully masquerades as
another by falsifying data and thereby gaining illegitimate access.
Trojan horse
A Trojan horse is a program designed as to seem to being or be doing one thing, such as a
legitimate software, but actually being or doing another. They are not necessarily malicious
programs but can be. A trojan horse can be used to set up a back door in a computer system
so that the intruder can return later and gain access. Viruses that fool a user into downloading
and/or executing them by pretending to be useful applications are also sometimes called
trojan horses. (The name refers to the horse from the Trojan War, with conceptually similar
function of deceiving defenders into bringing an intruder inside.)
Virus
A virus is a self-replicating program that spreads by inserting copies of itself into other
executable code or documents. Thus, a computer virus behaves in a way similar to a
biological virus, which spreads by inserting itself into living cells.
Worm
Like a virus, a worm is also a self-replicating program. The difference between a virus and a
worm is that a worm does not create multiple copies of itself on one system: it propagates
through computer networks. After the comparison between computer viruses and biological
viruses, the obvious comparison here is to a bacterium. Many people conflate the terms
"virus" and "worm", using them both to describe any self-propagating program. It is possible
for a program to have the blunt characteristics of both a worm and a virus.
Before being a Ethical Hacker or Perfect Software Designer, you should know Hacking (how
Software’s are being hacked using various Tricks).Sometimes hacking is done for some
important or secrete data & sometimes for money.
There Are Many Tools Available, Using Them You Can Do Following Things And Many
More.
1. To Crack the Software’s.
2. To Create Viruses / Worms.
3. To Get the Password Of The Administrator.
4. To Hack the Sites.
5. How To Get The Passwords Of The Users Belonging To Any Site
Using Some Tricks.
1. Get Ready Made Viruses According To Your Need.
This Is The Tool Which Is Used To Create Viruses According To Your Use.
In This Tool You Just Have To Select the Operations to Be Performed By Your Virus
Then Select the Name of Virus and also Select The Server Name Of Virus.
Select the Execution Time of Virus (when should the Virus to be activated).
Click on Create Virus and here Virus Will be Created.
2. Get Administrators Password.
This Is the Tool Which Is Used To Get The Password Of The Any User (Even Of
Administrator)
You Just Enter The Name Of The User & Click On Crack.
The Password Will Be In Front Of Your Eyes.
Send Mails To Any One Without Giving Your Identity
You can send the mails from any E-mail ID To any E-mail ID without showing
Your identity or without entering any password, free of cost.
Send SMS To Any One from any mobile number
You Can Send SMS To Any One From Any Number You Want Without
Having That Number, Free Of Cost.
There are many hacking techniques like
1. SQL injection
2. Cross Site Scripting.
1. SQL Injection:SQL injection is a technique used to take advantage of non-validated input vulnerabilities
to pass SQL commands through a Web application for execution by a backend database.
Attackers take advantage of the fact that programmers often chain together SQL commands
with user-provided parameters, and can therefore embed SQL commands inside these
parameters. The result is that the attacker can execute arbitrary SQL queries and/or
commands on the backend database server through the Web application.
This can allow an attacker to not only steal data from your database, but also modify and
delete it. If an attacker can obtain access to these Procedures it may be possible to
compromise the entire machine. Attackers commonly insert single qoutes into a URL's query
string, or into a forms input field to test for SQL Injection. If an attacker receives an error
message like the one below there is a good chance that the application is vulnerable to SQL
Injection.
Example of SQL Injection:-
1) admin'-2) ' or 0=0 -3) " or 0=0 -4) or 0=0 -5) ' or 0=0 ##
6) " or 0=0 ##
7) or 0=0 ##
8) ' or 'x'='x
9) " or "x"="x
This Is the Injection Used To Enter the Site as the Administrator.
The Magnitude Of The Injection Is 25% To 30%.
This Is The Site Which Is Hacked Using SQL Injection. And Many More Sites Are Even
Hacked By This Method.
2. Cross Site Scripting
Cross site scripting (also known as XSS) occurs when a web application gathers malicious
data from a user. The data is usually gathered in the form of a hyperlink which contains
malicious content within it. The user will most likely click on this link from another website,
web board, email, or from an instant message. Usually the attacker will encode the malicious
portion of the link to the site in HEX (or other encoding methods) so the request is less
suspicious looking to the user when clicked on. After the data is collected by the web
application, it creates an output page for the user containing the malicious data that was
originally sent to it, but in a manner to make it appear as valid content from the website.
Example Of Cross Site Scripting:-
The Image Above Is Looking Like Original Orkut Login But It Is A Fake Login Screen
As User Entered The Login Name And The Password. And Clicked On The Sign In
Button The E-mail And Password Will Be Sent To Our E-mail Id
The Code Is Written On The Submit Button.
Conclusion
So Now We Can Say That Hacking Is Very Easy Any One Can Do This
By Using Some Tools, Techniques and Small Knowledge of
Programming &Networking. And Most Important “Patience”
Thank You
Related documents
Chps 5, 7, & 12 Topics for paper
Chps 5, 7, & 12 Topics for paper
Unit 2_2m - SNS Courseware
Unit 2_2m - SNS Courseware
Hackers (Presentation)
Hackers (Presentation)
What is Ethical Hacking??
What is Ethical Hacking??
OPERATION OPISRAEL Introduction • It is a hacking attempt by
OPERATION OPISRAEL Introduction • It is a hacking attempt by
full paper on Ethical Hacking
full paper on Ethical Hacking
Battlefield Cell Virus Attacks
Battlefield Cell Virus Attacks
Expanding a Moment: Snapshot
Expanding a Moment: Snapshot
Is Hacker A Hero or Villain?
Is Hacker A Hero or Villain?
Download
advertisement