
In the name of God

subject:

HACK
supervisor:
Dr. Sheikhi

creators:
Alireza Honardoost Seyed Ali Toliat
Alireza Sherkatavval
What’s the meaning of HACK?

Literary meaning: to cut into pieces in a rough and violent way, often without aiming exactly.

Terminological meaning: to get into other computer systems without permission in order to find out information or do something illegal.
5 of the Biggest Computer Hacks in History
1. Operation Shady RAT
These attacks began in 2006. The operation is named RAT for its utilization of remote access tools that allow computers to be remotely controlled from anywhere in the world.

Those victimized include the United Nations, worldwide businesses, the World Anti-Doping
Agency, the International Olympic Committee, etc.

Operation Shady RAT Victims Geographical Locations (Alperovitch, 2011)
2. Department Of Defense Hack

Between August 23, 1999, and October 27, 1999, Jonathan James committed a series of intrusions into various systems.

What brought him to the attention of federal authorities, however, was his intrusion into the
computers of one of the divisions of the United States Department of Defense.
3. Melissa Virus

We can say it was the first inclusive computer virus.

David L. Smith disguised his virus as a simple Microsoft Word program, and he sent it to countless unsuspecting recipients.

Before long, Melissa had compromised 20 percent of the world's computers and forced big companies like Intel and Microsoft to shut down all outgoing mail programs to solve the problem.
4. Comodo Hack

Comodo, a company that provides SSL certificates, was hacked in 2011 by an Iranian programmer.

He could create fake security certificates that led people to believe that they were logging into
Yahoo or Google. It allowed the hacker to eavesdrop on any email sent from these services
and gain personal information.
5. PlayStation Network Hack

This particular hack clearly demonstrates that more than just computers are at risk of being
compromised.

In 2011, a hacker accessed the PlayStation Network system, which resulted in the loss of data and personal information for some 77 million users.

The company had to shut down for 20 days and lost an estimated $171 million.
Types of Hackers
Hackers
People who steal data, harm systems, or intrude into systems to evaluate their security are
knowledgeable people, with wrong or right intentions, known as hackers.

There are different types of hackers. Let’s take a look at the types of hackers and the
methods of hack attacks and techniques.
1. White Hat Hackers

White hat hackers are certified to hack the systems that work for governments or
organizations as per the rules and regulations set by the government.

White hat hackers are also known as ethical hackers.

Motives & Aims: The goals of these types of hackers are helping businesses and an appetite for detecting gaps in networks' security.
2. Black Hat Hackers

Black hat hackers attack other systems to access systems where they do not have
authorized entry and steal the data or destroy the system.

Motives & Aims: To hack into organizations' networks and steal bank data, funds, or
sensitive information.
They usually use the stolen resources to profit themselves by selling them on the black
market or harass their target company.
3. Gray Hat Hackers

The Gray hat hacker falls in between the black hat hackers and white hat hackers. They are
not certified hackers. These types of hackers work with either good or bad intentions.

Motives & Aims: The difference is, they don’t want to rob people nor want to help people in
particular.
Rather, they enjoy experimenting with systems to find loopholes, crack defenses, and
generally find a fun hacking experience.
- There are other types of hackers that include:

4. Script Kiddies

5. Green Hat Hackers

6. Blue Hat Hackers

7. Red Hat Hackers

8. State/Nation Sponsored Hackers

9. Hacktivist

10. Malicious insider or Whistleblower


Common Hacking Techniques
1. SQL injection attack
SQL injection is a web security vulnerability that allows an attacker to interfere with the
queries that an application makes to its database.

In many cases, an attacker can modify or delete this data, causing persistent changes to the
application's content or behavior.
- There is a wide variety of SQL injection vulnerabilities, attacks, and techniques, which arise
in different situations.
Some common SQL injection examples include:

● Retrieving hidden data, where you can modify an SQL query to return additional results.

● Subverting application logic, where you can change a query to interfere with the application's logic.

● UNION attacks, where you can retrieve data from different database tables.

● Examining the database, where you can extract information about the version and structure of the database.

● Blind SQL injection, where the results of a query you control are not returned in the application's responses.
How to prevent SQL injection?
Most instances of SQL injection can be prevented by using parameterized queries (also
known as prepared statements) instead of string concatenation within the query.

The following code is vulnerable to SQL injection because the user input is concatenated
directly into the query:
String query = "SELECT * FROM products WHERE category = '" + input + "'";
Statement statement = connection.createStatement();
ResultSet resultSet = statement.executeQuery(query);

This code can be easily rewritten in a way that prevents the user input from interfering with
the query structure:
PreparedStatement statement = connection.prepareStatement("SELECT * FROM products WHERE category = ?");
statement.setString(1, input);
ResultSet resultSet = statement.executeQuery();
Parameterized queries can be used for any situation where untrusted input appears as data
within the query, including the WHERE clause and values in an INSERT or UPDATE
statement.

They can't be used to handle untrusted input in other parts of the query, such as table or
column names, or the ORDER BY clause.

For a parameterized query to be effective in preventing SQL injection, the string that is used
in the query must always be a hard-coded constant, and must never contain any variable
data from any origin.

Do not be tempted to decide case-by-case whether an item of data is trusted, and continue
using string concatenation within the query for cases that are considered safe.

It is all too easy to make mistakes about the possible origin of data, or for changes in other
code to violate assumptions about what data is tainted.
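
An added example, not part of the original slides, written in Python with the standard sqlite3 module rather than JDBC: it contrasts the concatenated query with a bound parameter, and handles the ORDER BY case (which cannot be parameterized) by letting user input select among hard-coded query strings. The table, rows and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (name TEXT, category TEXT, price REAL)")
    db.executemany("INSERT INTO products VALUES (?, ?, ?)", [
        ("Mug", "Gifts", 8.0),
        ("Card", "Gifts", 2.5),
        ("Blocks", "Kids' Toys", 12.0),
    ])
    return db

def find_concat(db, category):
    # Same flaw as the concatenated query above: the input becomes SQL text.
    sql = "SELECT name FROM products WHERE category = '" + category + "'"
    return [row[0] for row in db.execute(sql)]

# ORDER BY cannot take a bound parameter, so every permitted sort order
# has its own hard-coded query string; user input only selects a key.
_BASE = "SELECT name FROM products WHERE category = ? ORDER BY "
QUERIES = {
    "name": _BASE + "name ASC",
    "cheapest": _BASE + "price ASC",
    "priciest": _BASE + "price DESC",
}

def find_safe(db, category, sort="name"):
    sql = QUERIES.get(sort)
    if sql is None:
        raise ValueError("unsupported sort option: %r" % sort)
    # category is bound as data and is never parsed as SQL
    return [row[0] for row in db.execute(sql, (category,))]

def concat_breaks_on(db, category):
    """True when the input alters the query structure so that parsing fails."""
    try:
        find_concat(db, category)
        return False
    except sqlite3.OperationalError:
        return True

if __name__ == "__main__":
    db = make_db()
    print(find_safe(db, "Gifts", "cheapest"))
    print(find_safe(db, "Kids' Toys"))
    print(concat_breaks_on(db, "Kids' Toys"))
```

A legitimate category containing an apostrophe is enough to break the concatenated query, which is a quick sign that input is being parsed as SQL rather than treated as data.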
2. Denial of Service/Distributed Denial of Service (DoS/DDoS)
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal
traffic of a targeted server, service or network by overwhelming the target or its surrounding
infrastructure with a flood of Internet traffic.

From a high level, a DDoS attack is like an unexpected traffic jam clogging up the highway,
preventing regular traffic from arriving at its destination.
How does a DDoS attack work?
DDoS attacks are carried out with networks of Internet-connected machines. These networks
consist of computers and other devices which have been infected with malware, allowing
them to be controlled remotely by an attacker.

These individual devices are referred to as bots (or zombies), and a group of bots is called a
botnet.

When a victim’s server or network is targeted by the botnet, each bot sends requests to the
target’s IP address, potentially causing the server or network to become overwhelmed,
resulting in a denial-of-service to normal traffic.
Hacking Activity (Ping of Death)
We will assume you are using Windows for this exercise. We will also assume that you have
at least two computers that are on the same network.
You will need to set up your own network for this exercise, because DoS attacks are illegal
on networks where you are not authorized to perform them.

Open the command prompt on the target computer and enter the command "ipconfig". You
will get the results where the IP address of the target computer is written.

For this example, we are using Mobile Broadband connection details. Take note of the IP
address.

Note: For this example to be more effective, you must use a LAN network.
Switch to the computer that you want to use for the attack and open the command prompt.
We will ping our victim computer with infinite data packets of 65500.
Enter the following command:
ping <IP address> -t -l 65500

● "ping" sends the data packets to the victim
● "-t" means the data packets should be sent until the program is stopped
● "-l" specifies the data load to be sent to the victim

You will get results similar to the ones shown below:


In order for the attack to be more effective, you should attack the target computer with pings from more than one computer.

The above attack can be used to attack routers, web servers etc.

If you want to see the effects of the attack on the target computer, you can open the task manager and view the network activities.

You will get similar results:


Defending Against DDoS Attacks
Identifying and mitigating DDoS attacks can be a real challenge in today's world.

Many attackers use a combination of different attacks to foil security teams, evade detection, and
maximize results.

In fact, about one-third of the DDoS attacks mitigated by Akamai this year have involved three
or more attack vectors, including an impressive 1.44 Tbps attack that employed nine different
attack vectors.
- Here are 10 concrete actions you can take to strengthen your system or company's security
posture against DDoS attacks:

1) Know your traffic.
2) Build your defensive posture during peacetime, steered by your executive team's risk
assessment guidelines.
3) Have a restrictive Plan B defensive posture ready to go.
4) Eliminate political obstacles and organizational barriers that might impair SecOps agility.
5) Include cybersecurity in business continuity, disaster recovery, and emergency response
planning.
6) Practice good cyber hygiene.
7) Use a combination of automated and human mitigation.
8) Consider implementing a Zero Trust security model.
9) Engage your upstream providers to prepare and address risks.
10) Test, re-test, document, and measure.
3. Clickjacking attack
It is an attack that tricks a user into clicking a webpage element which is invisible or disguised
as another element. This can cause users to unwittingly download malware, visit malicious
web pages, provide credentials or sensitive information, transfer money, or purchase
products online.

Clickjacking is an interface-based attack in which a user is tricked into clicking on actionable
content on a hidden website by clicking on some other content in a decoy website.
How to construct a basic clickjacking attack?

Clickjacking attacks use CSS to create and manipulate layers.


The attacker incorporates the target website as an iframe layer overlaid on the decoy
website.
An example using the style tag and parameters is as follows:
<head>
<style>
#target_website {
position:relative;
width:128px;
height:128px;
opacity:0.00001;
z-index:2;
}
#decoy_website {
position:absolute;
width:300px;
height:400px;
z-index:1;
}
</style>
</head>
...
<body>
<div id="decoy_website">
...decoy web content here...
</div>
<iframe id="target_website" src="https://vulnerable-website.com">
</iframe>
</body>
How to prevent clickjacking attacks?
Server-side protection against clickjacking is provided by defining and communicating
constraints over the use of components such as iframes.

However, implementation of protection depends upon browser compliance and enforcement
of these constraints.

Two mechanisms for server-side clickjacking protection are X-Frame-Options and Content
Security Policy.
1) X-Frame-Options
X-Frame-Options was originally introduced as an unofficial response header in Internet
Explorer 8 and it was rapidly adopted within other browsers.

The header provides the website owner with control over the use of iframes or objects so that
inclusion of a web page within a frame can be prohibited with the deny directive:
X-Frame-Options: deny
Alternatively, framing can be restricted to the same origin as the website using the
sameorigin directive:
X-Frame-Options: sameorigin
or to a named website using the allow-from directive:
X-Frame-Options: allow-from https://normal-website.com

It can provide effective protection against clickjacking attacks when properly applied in
conjunction with Content Security Policy as part of a multi-layer defense strategy.
2) Content Security Policy (CSP)
Content Security Policy (CSP) is a detection and prevention mechanism that provides
mitigation against attacks such as XSS and clickjacking.
CSP is usually implemented in the web server as a return header of the form:
Content-Security-Policy: policy
The CSP provides the client browser with information about permitted sources of web
resources that the browser can apply to the detection and interception of malicious behaviors.

The recommended clickjacking protection is to incorporate the frame-ancestors directive
in the application's Content Security Policy.
The following CSP whitelists frames to the same domain only:
Content-Security-Policy: frame-ancestors 'self';
Alternatively, framing can be restricted to named sites:
Content-Security-Policy: frame-ancestors normal-website.com;
To be effective against clickjacking and XSS, CSPs need careful development,
implementation and testing and should be used as part of a multi-layer defense strategy.
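
An added example, not part of the original slides: a small Python check that classifies a response's framing protection from the two headers described above. The function names and result labels are assumptions made for this example, and the header values in the usage lines are the ones shown in this section.

```python
KEYWORDS = {"'self'", "'none'"}
OPEN_SOURCES = {"*", "http:", "https:"}

def parse_frame_ancestors(csp_value):
    """Return the frame-ancestors source list from a CSP header value, or None."""
    for directive in csp_value.split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            return [t.lower() for t in tokens[1:]]
    return None

def framing_policy(headers):
    """Classify a response as deny, same-origin, allowlist, invalid or unprotected."""
    h = {name.lower(): value for name, value in headers.items()}
    sources = parse_frame_ancestors(h.get("content-security-policy", ""))
    if sources is not None:
        # When frame-ancestors is present it is enforced instead of X-Frame-Options.
        if any("'" in s and s not in KEYWORDS for s in sources):
            return "invalid"      # e.g. a misplaced quote such as 'self;'
        if not sources or sources == ["'none'"]:
            return "deny"
        if OPEN_SOURCES & set(sources):
            return "unprotected"  # any site may frame the page
        return "same-origin" if sources == ["'self'"] else "allowlist"
    xfo = h.get("x-frame-options", "").strip().lower()
    if xfo == "deny":
        return "deny"
    if xfo == "sameorigin":
        return "same-origin"
    # Missing header, or allow-from, which current browsers no longer honour.
    return "unprotected"

if __name__ == "__main__":
    print(framing_policy({"X-Frame-Options": "sameorigin"}))
    print(framing_policy({"Content-Security-Policy": "frame-ancestors normal-website.com;"}))
```

A CSP that lacks frame-ancestors gives no framing protection on its own, because that directive does not fall back to default-src.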
Conclusion
The intent behind hacking is what sets the hackers apart. The knowledge is used for harming
individuals or governments or for personal gain which makes hackers dangerous. The types
of hacker attacks vary from organization to organization. The intensity and type of attack are
dependent on the hackers' ability to find the loophole and penetrate the security system. This
has put up a huge challenge to organizations and governments to be updated with their
cybersecurity at all times.
Resources:
https://www.computersciencedegreehub.com/lists/5-biggest-computer-hacks-history/
https://www.researchgate.net/figure/Operation-Shady-RAT-Victims-Geographical-Locations-Alperovitch-2011_fig3_269100843
https://tools.hornetsecurity.com/cyber-security-facts
https://www.jigsawacademy.com/blogs/cyber-security/different-types-of-hackers/#Black-Hat-Hackers
https://blogs.akamai.com/2020/12/10-ways-to-protect-against-ddos-attacks.html
https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/
https://www.guru99.com/ultimate-guide-to-dos-attacks.html#2
https://www.a10networks.com/blog/5-most-famous-ddos-attacks/
https://portswigger.net/web-security/sql-injection
https://portswigger.net/web-security/clickjacking
The End
Thanks for attention!
Question?

ar.sherkatavval@gmail.com
