Professional Documents
Culture Documents
ETHICAL HACKING
Hackers
What is Hacking ?
It must be clever.
It must produce more good than bad,
and it must not be malicious.
It should be unexpected, or out of
the ordinary.
It need not pertain to computers.
Hack Ideas
o Qualities of
hacker: Lots of
knowledge Good
Guy
Strong Ethics
Helps in catching cyber criminals
Hacker vs Cracker
Qualities of
cracker Lots of
knowledge Bad
ethics
Cyber criminals
Skills of Hacker
C and M - I
Data Structures and M-II
DLD , JAVA & web Technology and M-
III (Probability)
CSA, OS, DBMS
Microprocessors, Data Communications
Computer Networking
Cryptography & Network Security
Wireless Communication
Getting started to learn
Hacking
TCP/IP
IP Address
MAC Address
Ports
Web Architecture
LAN Architecture
DOS Commands
Web Architecture
To find IP Address
ipconfig
1. Hardware Ports
2 Software Ports
There are 65536 software ports in
an operating system.
Sockets
1. Public IP Address
2. Private IP Address
finding public and private IP Address
1. Static IP Address
2. Dynamic IP Address
Network Address Translation
(NAT)
The current implementation of IP
addressing provides users with a very
limited number of IP address .
To solve this shortage problem , a number
of organizations have started implementing
NAT addressing, which allows them to use
a single public IP address for a large
number of internal systems having unique
private IP addresses.
If any external systems communicates with
two different internal systems in NAT
network, then it will be impossible to
differentiate between two systems.
Working of NAT
Thus in this case, you first have to establish a direct connection with your
friend’s computer by either sending him a file or by using the call feature.
Then, goto MSDOS or the command line and type:
C:\>netstat -n
This command will give you the IP Address of your friend’s computer.
Instant Messanger
1. Ask your friend to come online and chat with you.
C:\>netstat -n
This command will give you the IP Address of your friend’s computer.
Getting IP from Website
Working:
Definition:
Working:
Tools:
MultiProxy
Onion Routing: Using Tor
Network
1.nslookup
2. net view
3.net use
4. net user
5. ping
6. tracert
7.arp
8. route
9. nbtstat
10.netstat
11. ipconfig
Ping
syntax:
nslookup www.thehackbook.com
nslookup
C:\program files\nmap>nmap –
sP thehackbook.com
nmap sends ICMP echo request
to thehackbook .com
To Carry out UDP probing:
C:\program files\nmap>nmap –
PU thehackbook.com
C:\program files\nmap>nmap –
PN thehackbook.com
OS Detection
C:\program files\nmap>nmap –
O www.google.com
C:\program files\nmap>nmap –A
www. google.com
Os detection using websites: use PHP
script to detect visitors OS and browser
Executing the Attack
1.Ping of Death
2.Teardrop attacks
3.SYN flood attacks
4. Land Attacks
5.Smurf Attacks
6. UDP flood Attacks
7.DDOS Attacks
8. Modem-disconnect Attack
Tear Drop Attack
For Example,
Tools:
Sniffers are tools that can capture all data packets being sent across
the entire network in the raw form.
Threats:
Tools:
1.Stack Overflows
2. Format String Overflows
3.Heap Overflows
4. Integer overflows
Stack Overflow
steps :
1. IDEntify and take control of a
vulnerable application running on the
target computer
Social Enginnering
Password guessing
Phishing attacks
Key Loggers
Sniffing attacks
Man in the middle attack
Tab Nabbing- Latest kind of phishing
attack
Phshing Attack
Fake login
page: Demo.
www.facebook.thehackbook.com
www.gmail.thehackbook.com
Tab Nabbing
Definition:
Working:
Software: Eraser
download: http://eraser.heidi.ie/
Windows Toolkit