Post on 17-Jul-2016
description
TABLE OF CONTENTS
•Introduction to Hacking
•History of computer hacking
•Difference between Ethical and Unethical Hacking
•Ethical Hacking is not complicated •Victims are careless that’s why they get hacked
•Common Mistakes, do’s and don’ts •Mobile, Desktop, Wifi, Email, Social Media, Download
•Limits of Hacking (Medical Devices, CAR) •Future (Earth’s Environment, Human Brain) •Career in ethical hacking
•Our course
INTRODUCTION TO HACKING
•Hacking is the act of exploring and manipulating the works of another computer or other technological device or system, either for the purpose of understanding how it works or to gain unauthorized access. •Hacker is someone who seeks and exploits weaknesses in a computer system or computer network.
HISTROY OF COMPUTER HACKING
•Computer hacking was born in the late 1950s, when members of MIT’s Tech Model Railroad Club, obsessed with electric switching, began preparing punch cards to control an IBM 704 mainframe. •The virus was called “Brain” written by 2 brothers Basit Farooq Alvi and Amjad Farooq Alvi who were from Pakistan. The infected computers had the following message on their screen: “Welcome to the Dungeon © 1986 Brain & Amjads (pvt). BRAIN COMPUTER SERVICES 730 NIZAM BLOCK ALLAMA IQBAL TOWN LAHORE-PAKISTAN PHONE: 430791,443248,280530. Beware of this VIRUS.... Contact us for vaccination...”
Hacker vs CRACKER
Features of a Hacker (White Hat Hacker) •Abundance of knowledge and experience •Good Guy
•Strong Ethics •Never indulges in Crime
•Catches Computer Criminals Features of a Cracker (Black Hat Hacker) •Abundance of knowledge and experience
•Bad Guy
•Low Ethics •Indulges in Crime mostly. •Is a Computer Criminal himself
Ethical Hacking vs Unethical Hacking
Unethical Hacking means
unauthorized access to Data/System
of other person without his knowledge
and permission.
Ethical Hacking means perform hacking
with the permission of the owner of the
Data or System.
It is also known as Penetration Testing.
>> Common Password :- Normally all user use very common password.
Like – own name , mobile no , 123,12345 , abc@123 etc.
>> Simple Password :- It is advisable that user must use Strong Password , which
contains Alpha+Numeric+Symbol (Alpha should be in Upper
and Lower case)
Ex- training@ATL01
>> Phishing Attack :- Most of the time we click on every link get hacked under
Phishing Attack, Malwares.
Pirated O.S. and Anti-virus :-
Mostly all computer user use the pirated (not genuine) operating
system and Anti-virus software. That’s why their computer system
are vulnerable to Computer threats.
Update :- Normally computer users do not update their Operating System
and all application software, and they are vulnerable to threats
from Internet.
Download :- Download from untrusted source led the computer system malware
infected.
Social Media :-
>> Now every user have their account on each social media site, it is increasing
threats rate also, more and more script kiddies and sophisticated hackers
targeted the social networking website like Facebook etc.
>> Hackers steal the Identity of user and use them for their fun and other malign
purposes.
>> Phishing , Tab nabbing , Smishing and Vishing are some common types of
attack indulge in today’s scenario.
>> Identity Theft is the big issue when any one using social media.
SOCIAL - MEDIA
Phishing Attack ( SOCIAL -MEDIA)
Phishing is a type of Internet fraud that seeks to acquire a user’s credentials by
deception. It includes theft of passwords, credit card numbers,
bank account details
and other confidential information.
Phishing messages usually take the form of fake notifications from banks,
providers,
e-pay systems and other organizations. The notification will try to encourage a
recipient, for one reason or another, to urgently enter/update their personal data.
Such excuses usually relate to loss of data, system breakdown, etc
Tab-nabbing Attack (SOCIAL - MEDIA)
Tabnabbing is a computer exploit and phishing attack, which persuades
users to submit their login details and passwords to popular websites by
impersonating those sites and convincing the user that the site is genuine.
E-mail Hacking
>> It is include Fake email (forge email) and Malware infection through email
attachment.
>> Fake E-mail :- fake email is also computer threat to user. In this attacker spoof
the identity or using fake mailer to send the fake emails to the
victim.
>> Malware Infection :- Attackers infect the computer system with email attachments
via binding malware as a attachment like Trojans and Bots
bind with file.
HOW EMAIL HACKING WORKS
Signing in to her account
sweetaashima16@gmail.com
Signing in to the account
coolnitin10@yahoo.com
Process
Yahoo sends the Email to the Gmail
Nitin sends an Email to
sweetaashima16@gmail.com
Gmail receives the Email from Yahoo
Internet yahoo.com gmail.com
sweetaashima16@gmail.com
gets the Email in her Inbox
>>Do you get mails of lottery ticket …Are these mails genuine..????? >>But still they come to your Email ID…..??? >>How do they reach your Email ID…?? >>These mails reach through the mailing scripts.
Fake Mail
Email from students id to faculty’s ID stating abusive language can result in your termination Email to CBI stating a bomb in assembly can land you in jail. You can be arrested for sending fake mails.
Effects of Fake Mail
Did you got an email for friendship invitations from your friends…!! Beware….it could be an attack to hack your password As you click on the link you get a page to login and when you login you are again redirected to the login page by the time u login the username and password are stolen. This
attack is called PHISHING
E-mail Account Hack
User gets an Email
Dear User,
You have got an Friend
Request from Cool Dude
Salman Khan.
Please click on the below link
to accept the friend request.
www.faebook.com\836482384.
aspx
Regards,
Facebook Administrator
Clicks on the Link www.0facebook.com\836482384.aspx
Facebook Login
Page
Username: pooja
Password: ihateluv
Home page
of the User
Profile Pooja
ihateluv
Victim Gets
the
Account
Opened
Attacker gets UserID &
Password on his Email
CALL SPOOFING (MOBILE HACKING)
CALL SPOOFING :- Caller ID spoofing is the practice of causing the telephone
network to display a number on the recipient's Caller ID display that is not that of
the actual originating station. The term is commonly used to describe situations in which
the motivation is considered malicious by the speaker or writer. Just as e-mail spoofing
can make it appear that a message came from any e-mail address the sender chooses,
Caller ID spoofing can make a call appear to have come from any phone number the
caller wishes
Mobile Phone Spying (MOBILE HACKING)
MOBILE SPYING :- Spy on a cell phone by locating it, tracking it, as well as having
access to SMS messages, contact lists, and call history.
cell phone spy software silently monitors your child or employee's Smartphone activity
on iPhone, Android, BlackBerry and other mobile phones.
SYSTEM HACKING
Cracking all layers security of Windows platform
Application Layer Security : - We can crack , reset and reveal application layer
password with TRK ,ERD Commander, OPH crack
tool.
Shell Layer Security : - We can crack Shell layer SYSKEy password with HIREN
BOOT tool.
Kernel Layer Security :- for this we can simply remove the BIOS/CMOS cell(battery)
FACEBOOK HACKING
>>Social media has become the most popular cult on internet.
>> When you think social media, FACEBOOK is the first word that comes to mind.
>> Did you know?
* If Facebook were a country, it would be the third largest country in the world
(after China and India) with 1 billion users; that is equal to one seventh of the world
population.
* 1 of every thirteen people in the world is using facebook.
* Iceland included Facebook in it’s constitution
* 4% of all photos ever taken in history of mankind are on facebook
* In 2006, a guy named Chris Putnam hacked into Facebook and made thousands of
profiles look like MySpace profiles. Facebook hired him.
* Over 350 million people suffer from Facebook Addiction Disorder (FAD)
FACEBOOK HACKING >> Users join Facebook thinking that it is a very safe place to live a parallel life
but this is not the case. Even Facebook has security loop holes which can be
exploited.
>> With this popularity Facebook has become a hotspot for Hackers , it is
actually more of a challenge than a job; in fact Facebook pays $500 to anyone
who hacks into it.
Who wants to hack Facebook accounts?
* Worried parents want to know what goes on in their children’s lives.
*Jilted lovers trying to find out answers.
* Obsessed stalkers.
*Law Enforcement Agencies monitor facebook activities to find anything suspicious.
*Business Competitors fish for information.
*Private investigation Agencies try to collect maximum information about the subject.
*Major Intelligence agencies around the world continuously monitor the data flow in
Facebook. Etc.
HOW FACEBOOK HACK
Ever wondered how all this happens?
This is all possible by the newly developing Facebook hacking techniques.
>>Facebook hacking is not just a fun activity or a simple job, it has turned into a
business where professional hackers charge handsome sums of money to hack
an account. These hackers mostly work as freelancers.
>>To become a Facebook hacker one has to go through a certain amount of training
and very high intelligence level. It is a very challenging job, the most common ways
through which facebook accounts get hacked include:
1) Weak passwords
2) Phishing and Desktop Phishing
3) Tabnabbing
4) Keyloggers
5) Malwares