
CE33201

Ethical Hacking Basics Eka Stephani Sinambela



27-2-2019 KAJAR_1819/ESS 2
Old School Hackers: History of Hacking
• PREHISTORY
– 1960s: The Dawn of Hacking
The original meaning of the word “hack” started at MIT; it meant an
elegant, witty or inspired way of doing almost anything; hacks
were programming shortcuts
• ELDER DAYS (1970-1979)
– 1970: Phone Phreaks and Cap’n Crunch: One phreak, John
Draper, discovers that a toy whistle inside Cap’n Crunch cereal gives
a 2600 hertz signal, and can access AT&T’s long-distance switching
system.
– Draper builds a “blue box” that, used with the whistle, allows phreaks to
make free calls
– Steve Wozniak and Steve Jobs, future founders of Apple
Computer, make and sell blue boxes

• 1980: Hacker Message Boards and Groups
– Hacking groups form, such as Legion of Doom (US)
and Chaos Computer Club (Germany)
– 1983: Kid’s game movie “War Games” introduces
the public to hacking
• CRACKDOWN (1986-1994)
– 1989: The Germans, the KGB and Kevin Mitnick
– German hackers arrested for breaking into U.S.
computers; sold information to the Soviets
• 1993: Why buy a car when you can hack one?
– Radio station call-in contest; hacker Kevin Poulsen
and a friend crack the phone; they got two
Porsches, $20,000
• Zero Tolerance (1994 – 1998)
– 1995: The Mitnick Takedown: arrested again;
charged with stealing 20,000 credit card numbers.
• 1999: Hackers attack Pentagon, MIT, FBI web
sites

Famous Hacker in History

Security Basics: CIA
• It is not “Central Intelligence Agency”
• The holy trinity of IT security:
– Confidentiality,
– Integrity, and
– Availability

Confidentiality
• Addresses the secrecy and privacy of
information; refers to the measures taken to
prevent disclosure of information or data to
unauthorized individuals or systems.
• Example:
– The use of passwords to ensure only you have the
access to a particular device or set of networks.
– Numerous other options are available to ensure
confidentiality such as encryption, biometrics, and
smart cards.
Integrity
• Refers to the methods and actions taken to protect
the information from unauthorized alteration
or revision (whether the data is at rest or in transit)
• Integrity measures ensure the data sent from the
sender arrives at the recipient with no alteration.
– Example: hash functions (MD5 and SHA-1) are often used to
ensure integrity
• Oftentimes, attacks on the integrity of information are
designed to cause embarrassment or legitimate
damage to the target
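
An added example, not part of the original slides: the integrity check described above, using SHA-256 rather than MD5 or SHA-1 because both have practical collision attacks, and showing why a keyed HMAC is needed when whoever alters the message could also replace the digest. The key and the two messages are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample values for this example.
KEY = b"secret shared by sender and recipient only"
ORIGINAL = b"pay 100 to account 12345"
TAMPERED = b"pay 900 to account 99999"


def digest(message: bytes) -> str:
    """Unkeyed SHA-256 digest: anyone can compute it for any message."""
    return hashlib.sha256(message).hexdigest()


def tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA-256 tag: computing a valid one requires the key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_digest(message: bytes, received: str) -> bool:
    return hmac.compare_digest(digest(message), received)


def verify_tag(key: bytes, message: bytes, received: str) -> bool:
    return hmac.compare_digest(tag(key, message), received)


def demo() -> dict:
    sent_digest, sent_tag = digest(ORIGINAL), tag(KEY, ORIGINAL)
    return {
        # Unmodified message: both checks pass.
        "digest_ok": verify_digest(ORIGINAL, sent_digest),
        "tag_ok": verify_tag(KEY, ORIGINAL, sent_tag),
        # Message altered, check value left alone: both checks catch it.
        "digest_catches_edit": not verify_digest(TAMPERED, sent_digest),
        "tag_catches_edit": not verify_tag(KEY, TAMPERED, sent_tag),
        # Message altered AND check value recomputed by someone without
        # the key: the bare digest verifies, the HMAC tag does not.
        "digest_accepts_recomputed": verify_digest(TAMPERED, digest(TAMPERED)),
        "tag_accepts_recomputed": verify_tag(
            KEY, TAMPERED, tag(b"guessed key", TAMPERED)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```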

Availability
• Refers to the communications systems and
data being ready for use when legitimate
users need them.
• Attacks against availability all fall into the
“Denial of Service” (DoS) category.
– A DoS attack is designed to prevent legitimate users from
having access to a computer resource or service.

The Security, Functionality, and Ease of
Use Triangle

Why is it represented as a triangle?
• If you start in the middle and move the point
toward Security, you’re moving further and
further away from Functionality and Ease of Use.
• Move the point toward Ease of Use, and you’re
moving away from Security and Functionality.
• Simply put, as security increases, the system’s
functionality and ease of use decrease.

Defining the Ethical Hacker
• Ethical hacker
– Someone who employs the same tools and techniques a
criminal might use, with the customer’s full support and
approval, in order to help secure a network or system.
– Employed by customers to improve security
• Cracker/malicious hacker
– Uses those skills, tools, and techniques for either personal
gain or destructive purposes or, in purely technical terms,
to achieve a goal outside the interest of the system owner.
– Either acts on their own or, in some cases, acts as a hired
agent to destroy or damage government or corporate
reputation

Hacker Classes: The Hats
• Black hats use their computer skills for illegal or
malicious purposes. This category of hacker is often
involved with criminal activities and is sought by law
enforcement agencies.
• White hats use their hacking ability for defensive
purposes. White hats include security analysts who are
knowledgeable about hacking countermeasures.
• Gray hats: these hackers are neither good nor bad.
• Suicide hackers are hacktivists who are willing to
become martyrs for their causes. They attempt to
sabotage large-scale infrastructures and are fully
willing to accept any consequences of their actions.

Coders
• Have the ability to find unique vulnerabilities
• Have a deep understanding of the OSI layer model and TCP/IP stacks

Admin
• Have experience with OS
• Exploit existing vulnerabilities

Script Kiddies
• Use scripts and programs developed by others
• Can cause serious problems

Ethical Hacking Steps

• Reconnaissance
– Gather evidence and information on the targets.
– Passive reconnaissance: Trying to collect information about
the target without directly accessing the target. This involves
collecting information from social media, public websites, etc.
– Active reconnaissance: Directly interacting with the target to
gather information about it, e.g., using the Nmap tool to
scan the target.
– Tools: Nmap, Hping, Maltego, and Google Dorks
• Scanning and enumeration
– Security professionals take the information they gathered in
recon and actively apply tools and techniques to gather more
in-depth information about the targets.
– Tools: Nessus, Nexpose, and Nmap

• Gaining access
– The vulnerability is located and you attempt to exploit it
in order to enter the system.
– Tool: Metasploit
• Maintaining access
– The hacker has already gained access into a system.
– Tool: Metasploit
• Covering tracks
– The attacker attempts to conceal their success and avoid
detection by security professionals.
– Example: removing or altering log files, hiding files with
hidden attributes or directories.
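
An added example, not part of the original slides, from the defender's side: a hash-chained log in which removing or altering an entry is detectable, provided the final chain value is kept somewhere the intruder cannot reach. The log lines, the `first_bad` helper and the off-host storage of `HEAD` are assumptions made for this example.

```python
import hashlib

GENESIS = "0" * 64

# Constructed sample log lines for this example.
LOG = [
    "09:00:01 sshd: accepted password for alice from 10.0.0.5",
    "09:02:17 sudo: alice : COMMAND=/usr/bin/id",
    "09:03:40 useradd: new user name=svc_backup",
    "09:05:02 sshd: session closed for alice",
]


def link(prev: str, entry: str) -> str:
    """Hash an entry together with the previous link."""
    return hashlib.sha256(f"{prev}\n{entry}".encode()).hexdigest()


def chain(entries):
    """Return [(entry, link), ...] and the head (the last link)."""
    records, prev = [], GENESIS
    for entry in entries:
        prev = link(prev, entry)
        records.append((entry, prev))
    return records, prev


def first_bad(records, trusted_head):
    """Index of the first record that fails to verify, len(records) if only
    the head differs (tail removed or chain rebuilt), or -1 if intact."""
    prev = GENESIS
    for i, (entry, stored) in enumerate(records):
        if link(prev, entry) != stored:
            return i
        prev = stored
    return -1 if prev == trusted_head else len(records)


RECORDS, HEAD = chain(LOG)  # HEAD is assumed to be kept off the host
ALTERED = (RECORDS[:1]
           + [("09:02:17 sudo: bob : COMMAND=/usr/bin/id", RECORDS[1][1])]
           + RECORDS[2:])                   # one entry edited in place
DELETED = RECORDS[:2] + RECORDS[3:]         # one line removed from the middle
TRUNCATED = RECORDS[:3]                     # tail removed
REBUILT, _ = chain(LOG[:2] + LOG[3:])       # line removed, links recomputed
```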

• Good ethical hackers performing a pen test
ensure these steps are very well documented
(Reporting).
• The ethical hacker compiles a report with his
findings such as vulnerabilities found, tools
used, the success rate, the exploit process,
screenshots and log files.

Ethical Hacking Testing Types
• In order to get knowledge about the Target of
Evaluation (TOE), an ethical hacker may do
three different types of testing (pen test),
namely:
– Black box testing
• The ethical hacker has absolutely no knowledge of the
TOE.
• This type takes the most time to complete
(usually uses brute-force attacks and automated processes).
• Commonly called the “trial and error” approach.

– White box testing
• Pen testers have full knowledge of the network,
system, and infrastructure of the target.
• Quicker time frame
• Assumes that the attacker is an insider
– Gray box testing/partial knowledge testing
• Pen testers only have partial knowledge of the
network, system, and infrastructure of the target.
• Both manual and automated testing processes can be
utilized.

Attack Types
• Operating System Attacks
– A common mistake many people make when installing
operating systems is accepting and leaving all the
defaults
• Application Level Attacks
– Attacks on the actual programming code of an
application.
– Many applications are not tested for
vulnerabilities.
– Applications on network are a goldmine for most
hackers.

• Shrink-Wrap Code Attacks
– These attacks take advantage of the built-in code and
scripts most off-the-shelf applications come with.
– These scripts and code pieces are designed to make
installation and administration easier, but can lead to
vulnerabilities if not managed appropriately.
• Misconfiguration Attacks
– These attacks take advantage of systems that are, on
purpose or by accident, not configured appropriately
for security.
Hacking Terminologies
• Threat: An action or event that might compromise security. A threat is a
potential violation of security.
• Vulnerability: Existence of a weakness, design, or implementation error
that can lead to an unexpected and undesirable event compromising the
security of the system.
• Target of Evaluation: An IT system, product, or component that is
identified/subjected to require security evaluation.
• Attack: An assault on the system security that is derived from an
intelligent threat. An attack is any action that violates security.
• Exploit: A defined way to breach the security of an IT system through
a vulnerability.

Conclusion

“To catch a thief, think like a thief; similarly, to
catch a hacker, think like a hacker”

Thank you
