Professional Documents
Culture Documents
Hacking and Cracking Technigues
Hacking and Cracking Technigues
Hacking and Cracking Technigues
CRACKING TECHNIQUES
BY;
ERIC MUIA
ABSTRACT
Hacking is generally skills for gaining unauthorized access to data or computer
services. Cracking on the other hand is the art of modification of software to remove
or disable features which are considered undesirable by the person cracking the
software, especially copy protection features (including protection against the
manipulation of software, serial number, hardware key, date checks and disc check)
or software annoyances like nag screens and adware. This paper looks at critically
reviewing the two areas, how they are related, the techniques used in the two areas
and various countermeasures to the techniques discussed.
Contents
1. INTRODUCTION............................................................................................................................... 4
1.1 TYPES OF HACKERS .................................................................................................................... 5
1.2 THE HACKING PROCESS ...................................................................................................... 6
1.3 METHODS OF HACKING ....................................................................................................... 7
2. CATEGORIES OF HACKING AND CRACKING ........................................................................ 8
2.1 HACKING ......................................................................................................................................... 9
2.2 CRACKING .............................................................................................................................. 10
2.2.1 Cracking for fun: ..................................................................................................................... 10
2.2.2 Financial Crime or Phreaking: ............................................................................................... 11
2.2.3 Hacktivism: ............................................................................................................................... 11
3. HACKING TECHNIQUES AND THEIR COUNTER MEASURES .......................................... 11
3.1 Hacking and Cracking Techniques ............................................................................................... 11
3.2. Protection Measures ...................................................................................................................... 15
1. INTRODUCTION
Hacking is identifying weakness in computer systems or networks to exploit its
weaknesses to gain access. The term "hack" was first used by US university
computing Centre staff in the mid-1960s.(Wikipedia) Intrusion is defined as an
attempt to break into or misuse a computer system. There are two words to
describe people who try to get into system: hacker and cracker. Hacker are those
people who get into system or use the system for legal purposes. Basic purpose
of hackers is to know the system internally without any bad intention. Hackers
like to explore their own systems whereas malicious hacker is the person who
likes getting into other people’s system.
In most cases cracking is referred to as part of hacking whereas some people use
the word to mean hacking or hacking to mean cracking. So cracking is generally
part and piece of hacking since you need to crack password for you to gain access
to computers and networks and also you need to crack software applications so
as to use them illegally without paying for them i.e. gaining unauthorized access.
Get written permission from the owner of the computer system and/or
computer network before hacking.
Protect the privacy of the organization been hacked.
Transparently report all the identified weaknesses in the computer system
to the organization.
Inform hardware and software vendors of the identified weaknesses.
1.1 TYPES OF HACKERS
A hacker is a person who finds and exploits the weakness in computer systems
and/or networks to gain access. Hackers are usually skilled computer programmers
with knowledge of computer security. Hackers are classified according to the intent
of their actions. The following list classifies hackers according to their intent.
Symbol Description
Phase 1: Reconnaissance
Can be active or passive: in passive reconnaissance the information is gathered
regarding the target without knowledge of targeted company or individual. It
could be done simply by searching information of the target on internet or
bribing an employee of targeted company who would reveal and provide useful
information to the hacker. This process is also called as “information gathering”.
In this approach, hacker does not attack the system or network of the company
to gather information. Whereas in active reconnaissance, the hacker enters into
the network to discover individual hosts, IP addresses and network services.
This process is also called as “rattling the doorknobs”. In this method, there is a
high risk of being caught as compared to passive reconnaissance.
Phase 2: Scanning:
In scanning phase, the information gathered in phase 1 is used to examine the
network. Tools like dialers, port scanners etc. are used by the hacker to examine
the network so as to gain entry in the company’s system and network.
Phase 3: Owning The System:
This is the real and actual hacking phase. the hacker uses the information
discovered in earlier two phases to attack and enter into the local area network
(LAN, either wired or wireless), local pc access, internet or offline. This phase
is also called as “owning the system”.
2.1 HACKING
2.1.1 Inside Jobs
Most security breaches originate inside the network that is under attack.
Inside jobs include stealing passwords (which hackers then use or sell),
performing industrial espionage, causing harm (as disgruntled employees),
or committing simple misuse. Sound policy enforcement and observant
employees who guard their passwords and PCs can thwart many of these
security breaches.
2.1.2 Rogue Access Points
Rogue access points (APs) are unsecured wireless access points that
outsiders can easily breech. (Local hackers often advertise rogue APs to
each other.) Rogue APs are most often connected by well-meaning but
ignorant employees.
2.1.3 Back Doors
Hackers can gain access to a network by exploiting back doors,
administrative shortcuts, configuration errors, easily deciphered passwords,
and unsecured dial-ups. With the aid of computerized searchers (bots),
hackers can probably find any weakness in your network.
2.1.4 Denial of Service
DOS attacks give hackers a way to bring down a network without gaining
internal access. DOS attacks work by flooding the access routers with bogus
traffic (which can be e-mail or Transmission Control Protocol, TCP, packets).
2.1.5 Distributed Doss
DDOSS are coordinated DOS attacks from multiple sources. A DDOSS more
difficult to block because it uses multiple, changing, source IP addresses.
2.1.6 Anarchists, Crackers, and Kiddies
Anarchists are people who just like to break stuff. They usually exploit any
target of opportunity. Crackers are hobbyists or professionals who break
passwords and develop Trojan horses or other SW (called wares). They either
use the SW themselves (for bragging rights) or sell it for profit. Script kiddies
are hacker wannabes. They have no real hacker skills, so they buy or
download wares, which they launch. Other attackers include disgruntled
employees, terrorists, political operatives, or anyone else who feels
slighted, exploited, ripped off, or unloved.
2.1.7 Sniffing and Spoofing
Sniffing refers to the act of intercepting TCP packets. This interception can
happen through simple eavesdropping or something more sinister. Spoofing
is the act of sending an illegitimate packet with an expected acknowledgment
(ACK), which a hacker can guess, predict, or obtain by snooping.
2.2 CRACKING
Cracking is hacking which does damage to a system or its contents. Computers
appear to attract a group of people who direct their anti-social activities against
the very instrumental that is, computers with which they can conduct those
activities. There are three types of cracking:
That is done for private pleasure of the cracker
Cracking done with financial gain in mind
Cracking done with political motivation.
2.2.1 Cracking for fun:
The bulk of cracking is done by personal challenge of getting unauthorized
access to another’s computer. At this stage, only hacking is involved, crackers
take the further steps of interfering with the access systems by reading e-mails,
creating fictitious accounts, altering programs (often to allow themselves easier
access in future) and so forth. The cracker may do this for purely personal
pleasure or satisfaction and may wish to publicize the achievements to a
probably small group of like-minded people either to gain credibility or share
information.
2.2.2 Financial Crime or Phreaking:
While not suggesting, that cracking is not criminal, it is believed that qualitative
distinction can be made between cracking which is done with the pleasure of
achievement or challenge, and the cracking which is done with the intent of
financial gains. The amounts involved can be individually and cumulatively
small or large. In this category falls one of the earliest forms of cracking,
phreaking which is the simulating of the particular tone that allows access to US
long distance telephone services. Telephone Service theft remains a major form
of financially motivated Cracking.
2.2.3 Hacktivism:
Hacktivism is the active use of the internet with hacking techniques to make a
political statement or promote a political cause. This does not include the
maintenance of a website with apolitical view, participation in political chat
groups or sending individual e-mails with political content. This type of activity
referred to by this neologism is the hijacking, defacement, or destruction of
another’s website for political motives, secretly hacking activity on government
computer so that the public or particularly affected people are informed of
developments, destructions of files or computers for political reasons, sending
of mass e-mails in order to shut down a computer system with political uses, and
so forth.
4. CONCLUSION
This research shows that for huge development in computer and internet
technology all credit goes to hackers, but because of crackers they are now
considered as thieves and intruders who penetrates our security and misuse it.
There are many techniques that hackers/crackers use for hacking. Hacking and
cracking both are good as well as bad in different terms. But in today’s world
both plays important role in growing technology. If hacking is used to build
something, then cracking finds a way to break them. The focus of hacker attacks
has moved with improving security measures, as the attackers seek to find a weak
point in system defenses. This leads to improvement in security but the level of
technical attack sophistication continues to rise.
5. REFERENCES
1. Google
2. Wikipedia
3. How Hackers Do It:
Tricks, Tools, and Techniques
(Alex Noordergraaf, Enterprise Server Products
Sun BluePrints™ OnLine—May, 2002).
4. www. Researchpublish.com
5. International Journal of Computer Science and Information Technology
Research
Vol. 2, Issue 2, pp: (183-189), Month: April-June 2014,
6. http://www.gangte.net/2013/09/top-10-best-hacking-tools.html
7. http://whatishacking.org/
8. https://www.guru99.com/what-is-hacking-an-introduction.html