My Hacking Report

Apr 09, 2018
  • 8/7/2019 My Hacking Report

    1/33

A

TRAINING REPORT

Submitted as a requirement for the partial fulfillment of the degree Bachelor of Technology in Information Technology

From

Rajasthan Technical University, Kota

Ethical Hacking

AT

APPIN KNOWLEDGE SOLUTIONS, DELHI

SUBMITTED TO: Mr. Nitesh Chouhan (Project incharge)

SUBMITTED BY: Abhishek Jha (Final Year IT)

M. L. V. Textile and Engineering College

An Autonomous Engg. College of Rajasthan Govt.

Bhilwara (Rajasthan)

Acknowledgment

I would like to take this opportunity to express my heartfelt gratitude to a number of people for their constant support.

First and foremost, I would like to thank Asst. Professor Mr. Mukesh Verma (Head of Department, IT Dept.) for all the encouragement and support he offered. I would also like to thank all the faculty members for their precious suggestions.

I am deeply indebted to Asst. Professor Mr. Anurag Jagetiya (Training Placement Officer) for all the motivational and technical help that he selflessly offered to me.

I humbly thank Asst. Professor Mr. Nitesh Chouhan (Lect., IT Dept.).

Last but not least, I would like to thank my elders and friends who believed in me and always inspired me to be dedicated to my training.

Thank you

Abhishek Jha

PREFACE

The Internet has really changed our lives. However, with the use of the Internet in every single home and office, a lot of privacy concerns come up. This seminar explores the numerous dangers to information and information systems, and the task of protecting them from unauthorized access, use, disclosure, modification, or destruction. Keywords that we will discuss include: foot printing, scanning, Trojans, key loggers, sniffers, proxy servers, and many more topics. With the correct mix of technical details and business insights, this talk also explores the various intellectual property protection issues that outsourcing brings with it. Plenty of real life case studies will be used to demonstrate the widespread threats the Internet poses to both individuals and the corporate world.

Abhishek Jha

FINAL YEAR (IT)

Contents

1 Introduction
1.1 Security
1.2 Need for Security
1.3 Hacking
1.4 Types of Hackers
1.5 Can Hacking Be Done Ethically?
1.6 Ethical Hacking
1.7 What Does an Ethical Hacker Do?
2 Ethical Hacking
2.1 Analogy with Building Robbing
2.2 Methodology of Hacking
2.3 Foot Printing
2.3.1 Google
2.3.2 Sam Spade
2.3.3 Email Tracker and Visual Route
2.4 Scanning
2.4.1 War Dialing
2.4.2 Pingers
2.4.3 Port Scanning
2.4.4 Super Scan
2.5 System Hacking
2.5.1 Password Cracking
2.5.2 L0phtCrack
2.5.3 Privilege Escalation
2.5.4 Metasploit
2.5.5 Man in the Middle Attack
2.6 Maintaining Access
2.6.1 Key Stroke Loggers
2.6.2 Trojan Horses & Backdoors
2.6.3 Wrappers
2.6.4 Elite Wrap
2.7 Clearing Tracks
3 Conclusion
4 References

COMPANY PROFILE

Appin Knowledge Solutions is a premier knowledge solutions company with corporate offices in Austin, Texas and New Delhi, India and a presence in major cities in India like Bangalore, Bombay and Chennai.

They offer custom consulting services, training programmes, seminars, publications and products, a mentorship cell for college students and corporate recruitment services.

Appin was founded by professors and engineers from premier institutes like IIT Delhi, IIT Bombay, IIT Kanpur and NSIT along with IT companies based in the USA and India.

A complete description of its founding members is available on the site: www.appinonline.com

Appin's Ethical Hacking and IT Security Courses:

Appin runs the most advanced certificate, diploma and advanced diploma programs in Information Security, Ethical Hacking, Computer Forensics, Secured Programming, Cryptography, Network Security and related areas.

Market position:

Appin Knowledge Solutions is the biggest security consultant in north India and one of the major security solutions providers in India. It is a $10 million enterprise and is progressing day by day.

1. Introduction

Ethical hacking, also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is legal, because it is performed with the target's permission. The intent of ethical hacking is to discover vulnerabilities from a hacker's viewpoint so that systems can be better secured. It is part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also check whether vendors' claims about the security of their products hold up.

1.1 Security

Security is the condition of being protected against danger or loss. In the general sense, security is a concept similar to safety. In the case of networks and computers it is called information security. Information security means protecting information and information systems from unauthorized access, use, disclosure, modification, or destruction.

1.2 Need for Security

Computer security is required because most organizations can be damaged by hostile software or intruders. Moreover, security is directly related to business: if a company loses a batch of its customers' credit card numbers, many of those customers will be hesitant to return, and the company loses customers and hence business. Intruders can cause several forms of damage, which are obviously interrelated. These include:

loss of confidential data
damage or destruction of data
damage or destruction of computer systems
loss of the company's reputation

There may be many more entries in this list due to security breaches. This means that security is absolutely necessary.

1.3 Hacking

A hacker is a person who is interested in a particular subject and has immense knowledge of it. In the world of computers a hacker is a person intensely interested in the arcane and recondite workings of any computer operating system. Most often, hackers are programmers with advanced knowledge of operating systems and programming languages.

Eric Raymond, compiler of The New Hacker's Dictionary, defines a hacker as a clever programmer. A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it.

Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:

A person who enjoys learning the details of a programming language or system
A person who enjoys actually doing the programming rather than just theorizing about it
A person capable of appreciating someone else's hacking
A person who picks up programming quickly
A person who is an expert at a particular programming language or system

1.4 Types of Hackers

Hackers can be broadly classified on the basis of why they hack systems. There are mainly three types of hacker, as follows:

a) Black-Hat Hacker

Black hat hackers are individuals with extraordinary computing skills who resort to malicious or destructive activities. That is, black hat hackers use their knowledge and skill for their own personal gain, usually by hurting others. Black hat hackers are also known as crackers.

b) White-Hat Hacker

White hat hackers are individuals who possess hacker skills and use them for defensive purposes. This means that white hat hackers use their knowledge and skill for the good of others and for the common good. White hat hackers are also called security analysts.

c) Grey-Hat Hackers

Grey hat hackers are individuals who work both offensively and defensively at various times. We cannot predict their behavior: sometimes they use their skills for the common good, while at other times they use them for personal gain.

1.5 Can Hacking Be Done Ethically?

For various reasons hacking is usually taken in the bad sense, and "hacking" is read as black hat hacking. But the question is: can hacking be done ethically? The answer is yes, because to catch a thief you must think like a thief. That is the basis of ethical hacking. Suppose a person tries to break into a system and finds a vulnerability, and suppose he reports to the company that the vulnerability exists. The company can then patch it and protect itself from future attacks by black hat hackers who would try to use the same vulnerability. Unless somebody looks for vulnerabilities they remain hidden, and one day somebody else will find them and exploit them for their own interests. This is what ethical hacking is for.

1.6 Ethical Hacking

Ethical hacking is also known as penetration testing, intrusion testing or red teaming. With the growth of the Internet, computer security has become a major concern for businesses and governments. They want to be able to take advantage of the Internet for electronic commerce, advertising, information distribution and access, and other pursuits, but they are worried about the possibility of being hacked. At the same time, the potential customers of these services are worried about maintaining control of personal information that varies from credit card numbers to social security numbers and home addresses.

In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems. This scheme is called ethical hacking.

Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy. While testing the security of a client's systems, the ethical hacker may discover information about the client that should remain secret. In many cases, this information, if publicized, could lead to real intruders breaking into the systems, possibly leading to financial losses. During an evaluation, the ethical hacker often holds the keys to the company, and therefore must be trusted to exercise tight control over any information about a target that could be misused.

Ethical hackers also should possess very strong programming and computer networking skills and have been in the computer and networking business for several years. Another quality needed in an ethical hacker is more drive and patience than most people have, since a typical evaluation may require several days of tedious work that is difficult to automate. Some portions of the evaluation must be done outside of normal working hours to avoid interfering with production on live targets or to simulate the timing of a real attack. When they encounter a system with which they are unfamiliar, ethical hackers will spend the time to learn about the system and try to find its weaknesses. Finally, keeping up with the ever-changing world of computer and network security requires continuous education and review.

1.7 What Does an Ethical Hacker Do?

An ethical hacker is a person doing ethical hacking: a security professional who tries to penetrate a network to find out whether there is a vulnerability in the system. An ethical hacker always has permission to enter the target network.

An ethical hacker first thinks with the mindset of a hacker who is trying to get into the system. He first finds out what an intruder can see, or what others can see. With that information, the ethical hacker tries to get into the system by whatever method he can. If he succeeds in penetrating the system, he reports to the company with a detailed account of the particular vulnerability he exploited to get in. He may also sometimes write patches for that vulnerability, or suggest methods to prevent it.

2. ETHICAL HACKING

Ethical hacking is a process in which an authorized person, who is a computer and network expert, attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. In order to test the system an ethical hacker uses the same principles as the usual hacker, but reports the vulnerabilities instead of using them for his own advantage.

2.1 Analogy with Building Robbing

The methodology of a hacker is similar to the one used for ordinary thefts. Let us consider the case of a bank robbery. The first step will be to find information about the bank's total transactions, the total amount of money that may be kept in the bank, who the manager is, whether the security personnel carry guns, etc. This is similar to the foot printing phase of hacking.

The next step will be to find the ways through which we can enter the building: how many doors the building has, whether there is a lock on each door, etc. This is similar to the second stage, scanning, in which we check which hosts are present, which services are running, etc.

The third step will be to enter the building, which is similar to gaining access. To enter a building we need keys; in the case of a network we need IDs and passwords. Once we have entered the building, our next aim will be to make an easier way in for the next visit, which is analogous to the next step, maintaining access. In the hacking case we use Trojans, backdoors, worms etc., like placing a hidden door inside the building. Then comes the final step, in which we try to hide the fact that we entered the building, which is analogous to clearing tracks in the case of hacking.

2.2 Methodology of Hacking

As described above there are mainly five steps in hacking: foot printing, scanning, gaining access, maintaining access and clearing tracks. But that is not the end of the process. Actual hacking is circular: once the hacker has completed the five steps against one system, he starts foot printing again from that position, using what he has gained, and works through the stages again to get to the next level.

The various stages in the hacking methodology are

Foot Printing
Scanning & Enumeration
Gaining access
Maintaining access
Clearing tracks

2.3 Foot Printing

The literal meaning of foot printing is a preliminary survey to gain information. This is the first stage in the methodology of hacking, the stage in which the hacker collects information about the company he is going to attack. It is one of the pre-attack phases. Foot printing refers to the preparatory phase in which an attacker learns about all of the possible attack vectors that can be used in his plan.

In this pre-attack phase we gather as much publicly available information as possible. The information includes domain names, locations, contact information etc. The basic objective of this phase is to make a methodical map of the target's security schema, which results in a unique organization profile with respect to the networks and systems involved. As we are dealing with the Internet, we can find much information there that the organization never intended to make public. We have many tools for such purposes, including Sam Spade, Email Tracker, Visual Route etc.

The interesting thing to note is that we can even use simple googling as a foot printing tool.

2.3.1 Google

Google is one of the most famous search engines on the Internet. Using some specialized keywords for searching we can find much information that has been put up publicly. For example, if we search for a phrase such as "for internal use only" restricted to the target's domain name, we may get a lot of useful information. Sometimes, even if the company has actually removed a page from its site, it remains preserved in Google's cache.

Sometimes even job advertisements on the Internet can be used in foot printing. For example, if a company is looking for professionals who are good with the Oracle database, this tells the world that they are using the Oracle database in the company. This is helpful to the hacker, since he can look for vulnerabilities in that particular product.

One of the main advantages of Google is its advanced search option. Advanced searches have many options, like searching within a particular domain, documents published after a particular date, files of a particular format, particular languages etc.

2.3.2 Sam Spade

Sam Spade is a simple tool which provides information about a particular host by wrapping lookups such as WHOIS, DNS and traceroute. This tool is very helpful in finding addresses, phone numbers etc.

Fig 2.1 Sam Spade GUI

Fig 2.1 above shows the GUI of the Sam Spade tool. In the text field in the top left corner of the window we just need to enter the address of the particular host. Then we can find the various pieces of information available: phone numbers, contact names, IP addresses, email IDs, address ranges etc. We may wonder what the benefit of getting phone numbers, email IDs and addresses is. But one of the best ways to get information about a company is simply to pick up the phone and ask for the details. Thus we get a lot of information in just one click.

2.3.3 Email Tracker and Visual Route

We often receive many spam messages in our mailboxes and do not know where they come from. Email Tracker is software which helps us find which server a mail actually came from. Every message we receive has a header associated with it, and Email Tracker uses this header information to find the location.

Fig 2.2 Email Tracker GUI

Fig 2.2 above shows the GUI of the Email Tracker software. One of the options in Email Tracker is to import the mail header. We just need to import the mail's header into it, and the software then finds which area the mail came from. That is, we get information like which region the message came from: Asia Pacific, Europe etc. To be more specific we can use another tool, Visual Route, to pinpoint the actual location of the server. The option of connecting to Visual Route is available in Email Tracker. Visual Route is a tool which displays the location of a particular server with the help of its IP address. When we connect it to Email Tracker we can find the server which actually sent the mail. We can also use it to find the location of the target's servers visually on a map.

Fig 2.3 Visual Route GUI

Fig 2.3 above depicts the GUI of the Visual Route tool. The Visual Route GUI has a world map drawn on it, and the software locates the position of the server on that map. It also depicts the path through which the message came to our system: that is, the routers along the path traced by the mail from the source to the destination.

We may wonder what use there is in finding the place from which a message came. Suppose you got the email ID of an employee of the target company and mailed him claiming to be his greatest friend. Sometimes he may reply saying that he does not know you. You can then use Email Tracker and Visual Route to find that he is not working from the office, and so understand that the company has home users. Home users are not protected the way employees working from the office are, and this can help the hacker get into the system.
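What Email Tracker does with the imported header can be reproduced by hand. The Python below is an added example, not part of the original report and not Email Tracker's code: it parses the Received: headers of two constructed messages (not real captures; hostnames and addresses are documentation ranges) and walks the chain from the newest hop backwards to find the originating IP. It stops where one header's "by" host does not match the next header's "from" host, because a sender can prepend forged Received: lines but cannot alter the ones added by the receiving servers. The Visual Route step (mapping the IP to a place and a route) needs network access and is not reproduced.

```python
import email
import re

# Constructed sample (not a real capture). Headers are listed newest first:
# the bottom-most Received: line was added by the first server that saw
# the message, so it is the one that names the originating host.
SAMPLE_MESSAGE = """\
Received: from mx2.example.net (mx2.example.net [192.0.2.20])
\tby mail.example.org with ESMTP id abc123
\tfor <victim@example.org>; Mon, 09 Apr 2018 10:03:12 +0000
Received: from relay.example.net (relay.example.net [198.51.100.7])
\tby mx2.example.net with ESMTP id def456;
\tMon, 09 Apr 2018 10:03:10 +0000
Received: from [203.0.113.45] (unknown [203.0.113.45])
\tby relay.example.net with ESMTPA id ghi789;
\tMon, 09 Apr 2018 10:03:08 +0000
From: "Old Friend" <friend@example.net>
To: victim@example.org
Subject: long time no see

Hi, remember me?
"""

# Same idea, but the sender prepended a fake bottom header claiming the
# mail started at a bank. Only headers added by servers we trust (our own
# MX and the ones it chains to) can be believed.
SPOOFED_MESSAGE = """\
Received: from mx2.example.net (mx2.example.net [192.0.2.20])
\tby mail.example.org with ESMTP id abc124;
\tMon, 09 Apr 2018 11:00:02 +0000
Received: from [203.0.113.45] (unknown [203.0.113.45])
\tby mx2.example.net with ESMTP id def457;
\tMon, 09 Apr 2018 11:00:01 +0000
Received: from mail.bigbank.example (mail.bigbank.example [198.51.100.99])
\tby mx.bigbank.example with ESMTP id fake01;
\tMon, 09 Apr 2018 10:59:00 +0000
From: "Your Bank" <alerts@bigbank.example>
To: victim@example.org
Subject: account notice

Please confirm your details.
"""

RECEIVED_RE = re.compile(r"from\s+(?P<from>\S+).*?\bby\s+(?P<by>\S+)", re.DOTALL)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def parse_received(value):
    """Pull the 'from' host, the 'by' host and the first bracketed IP
    out of one Received: header value."""
    m = RECEIVED_RE.search(value)
    ip = IP_RE.search(value)
    return {
        "from": m.group("from") if m else None,
        "by": m.group("by") if m else None,
        "ip": ip.group(1) if ip else None,
    }


def parse_hops(raw_message):
    """Received: headers in delivery order: index 0 is the oldest hop."""
    msg = email.message_from_string(raw_message)
    return [parse_received(v) for v in reversed(msg.get_all("Received", []))]


def trusted_origin(hops):
    """Walk from the newest hop (added by our own server) backwards while
    each header's 'by' host equals the next header's 'from' host. The
    lowest hop reached that way is the best estimate of the origin;
    anything below a mismatch was supplied by the sender and is ignored."""
    i = len(hops) - 1
    while i > 0 and hops[i - 1]["by"] == hops[i]["from"]:
        i -= 1
    return hops[i]


def trace(raw_message):
    hops = parse_hops(raw_message)
    return {"hops": hops, "origin": trusted_origin(hops)}


if __name__ == "__main__":
    for name, raw in (("clean", SAMPLE_MESSAGE), ("spoofed", SPOOFED_MESSAGE)):
        result = trace(raw)
        print(name, "origin:", result["origin"]["ip"],
              "via", " -> ".join(h["by"] for h in result["hops"]))
```

On the spoofed message a naive "take the bottom header" reading would blame the bank's server; the chain check discards that header and reports the same 203.0.113.45 that the honest message resolves to.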


2.4 Scanning

Scanning is the second phase in the hacking methodology, in which the hacker tries to make a blueprint of the target network. It is similar to a thief going through your neighborhood and checking every door and window on each house to see which ones are open and which ones are locked. The blueprint includes the IP addresses in the target network which are live, the services which are running on those systems and so on. Usually services run on predetermined ports; for example a web server makes use of port 80. This implies that if port 80 is open on a particular system we can assume that the target's web server is running on that host (a banner or a probe is needed to confirm what actually answers there). There are different tools used for scanning: war dialing and pingers were used earlier, but nowadays both are easily detected and hence are not in much use. Modern port scanning uses the TCP protocol and can even detect the operating system running on a particular host.

2.4.1 War Dialing

War dialers are a hacking tool which is now illegal and easy to detect. War dialing is the practice of dialing all the phone numbers in a range in order to find those that answer with a modem. Earlier, companies used to have dial-in modems through which their employees could dial into the network; in such cases a phone number is all that is needed, and war dialing software makes use of this weakness. A war dialer is a computer program used to identify the phone numbers that can successfully make a connection with a computer modem. The program automatically dials a defined range of phone numbers and logs in a database those numbers that successfully connect to a modem. Some programs can also identify the particular operating system running on the computer and may also conduct automated penetration testing. In such cases, the war dialer runs through a predetermined list of common user names and passwords in an attempt to gain access to the system.

2.4.2 Pingers

Pingers are another category of scanning tools, which make use of Internet Control Message Protocol (ICMP) packets for scanning. ICMP echo requests are used to find out whether a particular system is alive. Using this principle, pingers send ICMP echo requests to all hosts in a given range; if an echo reply comes back we can tell that the system is live. Pingers are automated software which sends ICMP packets to different machines and checks their responses. But most firewalls today block ICMP, and hence pingers also cannot be relied on.

2.4.3 Port Scanning

A port scan is a method used by hackers to determine what ports are open or in use on a system or network. Using various tools a hacker can send data to TCP or UDP ports one at a time, and based on the response received the port scan utility can determine whether that port is in use. Using this information the hacker can then focus his attack on the ports that are open and try to exploit any weaknesses to gain access. Port scanning software, in its most basic state, simply sends a request to connect to the target computer on each port in turn and makes a note of which ports responded or seem open to more in-depth probing (for TCP, a completed handshake means open, a RST means closed, and no answer at all usually means filtered). Network security applications can be configured to alert administrators if they detect connection requests across a broad range of ports from a single host.
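To make both sides of this concrete, here is an added Python example (not from the report and not SuperScan's code). It runs a TCP connect scan against two loopback listeners it starts itself, grabs the banner one of them announces, and then applies the alerting rule from the last sentence to a few constructed firewall log lines. The service banner, the ports, the addresses and the log format are all made up for the example.

```python
import re
import socket
import threading
from collections import defaultdict

HOST = "127.0.0.1"


# ---- constructed target: loopback services standing in for real hosts ----

def start_service(banner=None):
    """Bind a loopback listener on an OS-chosen free port. If a banner is
    given, a thread accepts connections and sends it, as an SSH or FTP
    daemon would; otherwise the socket just sits in LISTEN state."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((HOST, 0))
    srv.listen(8)
    port = srv.getsockname()[1]
    stop = threading.Event()

    def accept_loop():
        srv.settimeout(0.2)
        while not stop.is_set():
            try:
                conn, _ = srv.accept()
            except OSError:            # accept timeout, or socket closed at shutdown
                continue
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:        # peer already gone (a bare connect scan)
                    pass

    if banner is not None:
        threading.Thread(target=accept_loop, daemon=True).start()
    return srv, port, stop


def free_closed_port():
    """Reserve and immediately release a port, so the scan meets a closed one."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((HOST, 0))
        return s.getsockname()[1]


# ---- the scanner ----

def tcp_connect_scan(host, ports, timeout=0.5):
    """Full handshake per port: open if connect() succeeds, closed if the
    host answers with RST (ConnectionRefusedError), filtered if nothing
    answers within the timeout."""
    result = {}
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            try:
                s.connect((host, port))
                result[port] = "open"
            except ConnectionRefusedError:
                result[port] = "closed"
            except OSError:            # includes socket.timeout
                result[port] = "filtered"
    return result


def grab_banner(host, port, timeout=1.0):
    """Connect and read whatever the service volunteers first."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        try:
            return s.recv(128).decode(errors="replace").strip()
        except OSError:
            return ""


def scan_demo():
    ssh, ssh_port, stop = start_service(b"SSH-2.0-OpenSSH_7.4\r\n")
    silent, silent_port, _ = start_service()
    closed_port = free_closed_port()
    try:
        scan = tcp_connect_scan(HOST, sorted({ssh_port, silent_port, closed_port}))
        banner = grab_banner(HOST, ssh_port)
    finally:
        stop.set()
        ssh.close()
        silent.close()
    return {"ssh": ssh_port, "silent": silent_port, "closed": closed_port,
            "scan": scan, "banner": banner}


# ---- the defender's side: spotting a scan in firewall logs ----

# Constructed log lines: one host touches a dozen ports, another only 80 and 443.
FIREWALL_LOG = "\n".join(
    [f"2018-04-09T10:01:{i:02d}Z DROP src=203.0.113.45 dst=192.0.2.10 dport={p}"
     for i, p in enumerate([21, 22, 23, 25, 53, 80, 110, 135, 139, 143, 443, 445])]
    + ["2018-04-09T10:01:20Z ACCEPT src=198.51.100.7 dst=192.0.2.10 dport=80",
       "2018-04-09T10:01:21Z ACCEPT src=198.51.100.7 dst=192.0.2.10 dport=443"])

LOG_RE = re.compile(r"src=(?P<src>\S+).*?dport=(?P<dport>\d+)")


def detect_port_scans(log_text, min_ports=10):
    """Flag every source that touched at least min_ports distinct ports."""
    ports_by_src = defaultdict(set)
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if m:
            ports_by_src[m["src"]].add(int(m["dport"]))
    return {src: sorted(ps) for src, ps in ports_by_src.items() if len(ps) >= min_ports}


if __name__ == "__main__":
    print(scan_demo())
    print(detect_port_scans(FIREWALL_LOG))
```

The silent listener shows why "open" alone says little: the port accepts the handshake but never identifies itself, which is exactly the gap banner grabbing (or a service probe) fills. The threshold in the detector is deliberately crude; a real sensor also windows by time and ignores ports the source is allowed to reach.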

2.4.4 Super Scan

SuperScan is a powerful TCP port scanner that includes a variety of additional networking tools like ping, traceroute, HTTP HEAD, WHOIS and more. It uses multithreaded and asynchronous techniques, resulting in extremely fast and versatile scanning. You can perform ping scans and port scans using any IP range, or specify a text file to extract addresses from. Other features include TCP SYN scanning, UDP scanning, HTML reports, a built-in port description database, Windows host enumeration, banner grabbing and more.

Fig 2.4.2 SuperScan View

Fig 2.4.2 shows the GUI of SuperScan. In it we can scan either a particular host or a range of IP addresses. As output the software reports the host addresses which are up. There is another option, port list setup, which selects the set of ports to probe and displays the services found running on the different hosts.

2.5 System Hacking

This is the actual hacking phase, in which the hacker gains access to the system. The hacker makes use of all the information he collected in the pre-attack phases. Usually the main hindrance to gaining access to a system is passwords. System hacking can be considered as several steps. First the hacker tries to get into the system. Once he is in, the next thing he wants is to increase his privileges so that he has more control over the system: as a normal user the hacker may not be able to see confidential details or to upload and run the various hack tools he wants. Another way to break into a system is through attacks like the man in the middle attack.

2.5.1 Password Cracking

There are many methods for cracking a password and then getting into the system. The simplest method is to guess the password, but this is tedious work. To make it easier there are many automated tools for password guessing, like Legion. Legion has a built-in dictionary: the software itself generates candidate passwords from the dictionary and checks the responses.

Many types of password cracking strategy are used today by hackers; they are described below.

a) Dictionary cracking

In this type of cracking there is a list of words such as the person's children's names, birthday etc. The automated software then makes use of these words, forming different combinations of them, and automatically tries them against the system.

b) Brute force cracking

This is another type of password cracking, which does not have a list of precompiled words. In this method the software automatically tries all combinations of letters, digits, special characters etc. This process is of course very tedious and time consuming.

c) Hybrid cracking

This is a combination of the dictionary and brute force techniques. This means that it first checks the combinations of words in its built-in dictionary (with simple variations such as changed case or appended digits) and, if all of them fail, falls back to brute force.

Social Engineering

The best and most common method used to obtain a password is social engineering. In this technique the hacker comes into direct contact with the user, through a phone call or some other way, and directly asks for the password under some pretext.

2.5.2 L0phtCrack

L0phtCrack is software from @stake which is basically a password audit tool. The software uses the various password cracking methodologies. L0phtCrack helps administrators find out whether their users are using easy passwords. It is a very high profile piece of software which uses dictionary cracking followed by brute force cracking. Sometimes it uses precomputed hashes, called rainbow tables, for cracking the passwords.

Fig 2.5.2 L0phtCrack GUI

Fig 2.5.2 above shows the GUI of L0phtCrack. In Windows the password hashes are stored in the SAM file in the config directory under system32. The operating system keeps this file locked, so we cannot read it while the operating system is running. But with L0phtCrack we just need to run a wizard to get the details of the passwords stored in the SAM file. As seen from the figure, in this case the software used a dictionary of 29156 words. It also has options to use brute force and precomputed hashes.
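The three strategies in 2.5.1 and the precomputed-table idea in 2.5.2 are short enough to show in working code. The Python below is an added example, neither Legion's nor L0phtCrack's code. It uses unsalted SHA-256 as a stand-in for the unsalted NT hash in the SAM, a six-word constructed wordlist and a made-up hash dump for three users. The table it builds is a plain hash-to-password dictionary; a real rainbow table compresses that with hash/reduce chains, but what it demonstrates, that precomputation only pays off because the hash carries no salt, is the same.

```python
import hashlib
import itertools
import string


def hash_pw(password):
    """Unsalted digest, standing in for the unsalted NT hash kept in the SAM.
    (NT hashes are MD4 over UTF-16LE; SHA-256 is used here for portability.)"""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_pw_salted(password, salt):
    """What a sane scheme does instead: a per-user salt mixed into the hash."""
    return hashlib.sha256(salt.encode() + password.encode()).hexdigest()


# Constructed wordlist and hash dump for the demonstration.
WORDLIST = ["password", "letmein", "welcome", "summer", "rajasthan", "admin"]
SAMPLE_HASHES = {
    "alice": hash_pw("Welcome1"),     # dictionary word with a common mangling
    "bob": hash_pw("hack"),           # short and lowercase: brute force reaches it
    "carol": hash_pw("Tr0ub4dor&3"),  # out of reach of both cheap attacks
}


# a) dictionary: try each word exactly as listed
def dictionary_attack(target, words):
    for word in words:
        if hash_pw(word) == target:
            return word
    return None


# c) hybrid: dictionary words plus cheap rules (case, common suffixes)
def mangle(word):
    suffixes = ["", "1", "123", "!", "2018", "1!"]
    for base in (word, word.capitalize(), word.upper()):
        for suffix in suffixes:
            yield base + suffix


def hybrid_attack(target, words):
    for word in words:
        for candidate in mangle(word):
            if hash_pw(candidate) == target:
                return candidate
    return None


# b) brute force: every string over an alphabet up to a given length
def brute_force(target, alphabet=string.ascii_lowercase, max_len=4):
    for length in range(1, max_len + 1):
        for chars in itertools.product(alphabet, repeat=length):
            candidate = "".join(chars)
            if hash_pw(candidate) == target:
                return candidate
    return None


# precomputed table: hash once, then look up instantly in every dump afterwards
def build_lookup_table(words):
    return {hash_pw(c): c for word in words for c in mangle(word)}


def lookup(target, table):
    return table.get(target)


def audit(user_hashes, words):
    """What a L0phtCrack-style audit does: run the cheap attacks in order
    of cost against every account and report the ones that fall."""
    table = build_lookup_table(words)
    cracked = {}
    for user, digest in user_hashes.items():
        found = lookup(digest, table) or brute_force(digest)
        if found is not None:
            cracked[user] = found
    return cracked


if __name__ == "__main__":
    print(audit(SAMPLE_HASHES, WORDLIST))
    # the same Welcome1 with a salt: the table no longer recognises it
    print(lookup(hash_pw_salted("Welcome1", "x9"), build_lookup_table(WORDLIST)))
```

The order in audit() is the one the report describes for L0phtCrack: cheap lookups first, brute force last. Salting alone does not stop brute force against a single account, but it does kill the shared table, and a slow KDF (bcrypt, scrypt, PBKDF2 with a high iteration count) is what makes the brute-force loop above impractical.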


2.5.3 Privilege Escalation

Privilege escalation is the process of raising one's privileges once the hacker has got into the system. That is, the hacker may get in as an ordinary user and now tries to raise his privileges to those of an administrator, who can do many more things. There are many types of tools available for this. Some tools, like GetAdmin, attach the user's process to a kernel routine so that what the user runs looks like a system routine rather than a user-initiated program. The privilege escalation process usually uses vulnerabilities present in the host operating system or its software. There are many tools, like hk.exe, Metasploit etc. One such community of hackers is Metasploit.

2.5.4 Metasploit

Metasploit is actually a community which provides an online list of exploits for known vulnerabilities. The hacker can directly download the exploits and use them against the target system for privilege escalation and other purposes. Metasploit is a command line tool and is very dangerous, as a whole community of security researchers and hackers contributes its own findings about the vulnerabilities of different products.

    2.5.5 Man in the Middle Attack

    In this type of attack the password is not cracked at all. Instead the hacker arranges for all traffic between a client and a server to pass through his own system, so that he can read the passwords and other details directly. He presents himself to the client as the server, and to the server as the client. The client sends its requests to the hacker, believing him to be the server; the hacker does not answer them himself but forwards a copy of each request to the real server. The server replies to the hacker, who forwards a copy of the reply to the real client. The client thinks it received the reply from the server, and the server thinks it replied to the real client, but the hacker, the man in the middle, now holds a copy of the whole conversation, from which he can pick out the password or other data he needs to get in. The attack works whenever the client has no way of verifying that the party it is talking to really is the server, which is why protocols that carry passwords in the clear (Telnet, FTP, plain HTTP) are so exposed to it.
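The exchange described above, as an added example that is not part of the original report: a toy plaintext login protocol (the client sends LOGIN user password, the server answers OK or FAIL) stands in for Telnet, FTP or HTTP. The real server, the relay and the victim client all run on the local machine on ports the operating system picks, and the account name and password are constructed for the example.

```python
import socket
import threading

HOST = "127.0.0.1"


def _listen() -> socket.socket:
    lst = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    lst.bind((HOST, 0))            # port 0: the OS picks a free port
    lst.listen(1)
    return lst


def start_server(valid_users: dict) -> int:
    """Toy plaintext login server (a constructed stand-in for Telnet/FTP/basic-auth HTTP).
    Protocol: client sends b'LOGIN <user> <password>\\n'; server answers b'OK\\n' or b'FAIL\\n'."""
    lst = _listen()

    def serve():
        conn, _ = lst.accept()
        with lst, conn:
            conn.settimeout(5)
            fields = conn.recv(1024).decode(errors="replace").split()
            ok = len(fields) == 3 and fields[0] == "LOGIN" and valid_users.get(fields[1]) == fields[2]
            conn.sendall(b"OK\n" if ok else b"FAIL\n")

    threading.Thread(target=serve, daemon=True).start()
    return lst.getsockname()[1]


def start_mitm(real_server_port: int, captured: list) -> int:
    """The man in the middle: looks like the server to the client and like the client to the
    server, relays every message unchanged, and keeps a copy of each one in `captured`."""
    lst = _listen()

    def relay():
        client, _ = lst.accept()
        upstream = socket.create_connection((HOST, real_server_port), timeout=5)
        with lst, client, upstream:
            client.settimeout(5)
            request = client.recv(1024)
            captured.append(("client->server", request))
            upstream.sendall(request)        # forward a copy of the real request
            reply = upstream.recv(1024)
            captured.append(("server->client", reply))
            client.sendall(reply)            # forward a copy of the real reply

    threading.Thread(target=relay, daemon=True).start()
    return lst.getsockname()[1]


def client_login(port: int, user: str, password: str) -> bytes:
    """The victim. It knows only a host and a port, so it cannot tell the relay from the real server."""
    with socket.create_connection((HOST, port), timeout=5) as s:
        s.sendall(f"LOGIN {user} {password}\n".encode())
        return s.recv(1024)


def extract_credentials(captured: list) -> list:
    """What the attacker reads out of the captured copy of the conversation."""
    creds = []
    for direction, data in captured:
        fields = data.decode(errors="replace").split()
        if direction == "client->server" and len(fields) == 3 and fields[0] == "LOGIN":
            creds.append((fields[1], fields[2]))
    return creds


def run_demo() -> dict:
    captured = []
    real_port = start_server({"alice": "hunter2"})        # constructed account
    mitm_port = start_mitm(real_port, captured)
    reply = client_login(mitm_port, "alice", "hunter2")    # the client was pointed at the relay
    return {"reply": reply, "credentials": extract_credentials(captured), "messages": len(captured)}


if __name__ == "__main__":
    print(run_demo())
```

The client receives the genuine OK from the real server and has no reason to suspect anything, while the relay holds the credentials. Nothing in the toy protocol lets the client check who it is talking to; that check (server authentication, as TLS does with certificates) is exactly what the real-world defence adds.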


    2.6 Maintaining Access

    The hacker is now inside the system, whether by password guessing or by exploiting one of its vulnerabilities, and is in a position to upload and download files. His next aim is to make an easier path in for the next time he comes. This is analogous to building a small hidden door into a building so that he can later enter directly through it. On a network the hacker does this by uploading software such as Trojan horses, sniffers and keystroke loggers.

    2.6.1 Key Stroke Loggers

    Keystroke loggers are tools that record every key pressed on the keyboard. There are software and hardware keystroke loggers; a hardware logger is a small device placed between the keyboard and the computer that records the keys as they pass through it. To maintain access, and to collect passwords that may lead to further privilege escalation, the hacker who is now inside the target network uploads a software keystroke logger onto the system.

    A software keystroke logger inserts itself between the keyboard driver and the applications that receive the input, for example through a keyboard hook or a filter driver, so that every keystroke reaches the logger first. The tool writes a copy to a log file and passes the keystroke on unchanged, so the user notices nothing.

    2.6.2 Trojan Horses & Backdoors

    A Trojan horse is a destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves, but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer. The term comes from the Greek story of the Trojan War, in which the Greeks gave a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. After the Trojans dragged the horse inside their city walls, Greek soldiers sneaked out of the horse's hollow belly and opened the city gates, allowing their compatriots to pour in and capture Troy. In general a Trojan is malware that runs programs you are either unaware of or do not want running on your system.

    The hacker places this Trojan software inside the network and leaves. When he comes back later, the Trojan either authenticates him as a valid user or opens some other port for him to get in through. Trojans serve many functions, for example:

    Password sending/capturing Trojans
    FTP Trojans
    Keystroke capturing Trojans
    Remote access Trojans
    Destructive Trojans
    Denial of Service Trojans
    Proxy Trojans

    Trojans can be introduced through chat clients, email attachments, physical access to systems, file sharing, wrappers and other P2P software.

    2.6.3 Wrappers

    During the maintaining-access phase the hacker usually uploads software into the system for his later needs. To keep this software and other data hidden from the administrator and ordinary users, hackers use wrapper software that packs the payload into an innocent-looking carrier such as a picture or a greeting card, so that it looks like ordinary data. Two different techniques go under this name. A binder (see EliteWrap in 2.6.4) glues a Trojan and a harmless program into one executable. A steganography tool, on the other hand, hides data in the spare capacity of a carrier file: tools like Blindside insert data into, and extract it from, BMP or JPEG pictures by changing the least significant bits of the pixel values, a change the eye cannot see. Because existing bits are overwritten rather than new data appended, the picture keeps its original size, which is what makes the method attractive; the change is nevertheless detectable by statistical analysis of the low bits or by comparison with the original file.
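An added example, not from the original report and not Blindside's code, of the least-significant-bit hiding described above. It writes a small 24-bit BMP carrier, embeds a secret in the low bit of each pixel byte behind a 4-byte length prefix, extracts it again, and reports that the file size is unchanged and that no byte moved by more than 1. The carrier image (a grey gradient) and the secret are constructed for the example.

```python
import struct


def make_bmp(width: int, height: int, pixels: bytes) -> bytes:
    """Minimal uncompressed 24-bit BMP: 14-byte file header, 40-byte DIB header, rows padded to 4 bytes."""
    row = width * 3
    pad = (4 - row % 4) % 4
    body = b"".join(pixels[y * row:(y + 1) * row] + b"\x00" * pad for y in range(height))
    offset = 14 + 40
    file_header = struct.pack("<2sIHHI", b"BM", offset + len(body), 0, 0, offset)
    dib_header = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 24, 0, len(body), 2835, 2835, 0, 0)
    return file_header + dib_header + body


def pixel_data_offset(bmp: bytes) -> int:
    """bfOffBits: where the pixel array starts, so the headers are never touched."""
    return struct.unpack_from("<I", bmp, 10)[0]


def embed(carrier: bytes, secret: bytes) -> bytes:
    """Overwrite the least significant bit of successive pixel bytes with the bits of a 4-byte
    length prefix followed by the secret. Nothing is appended, so the file size is unchanged."""
    payload = struct.pack("<I", len(secret)) + secret
    start = pixel_data_offset(carrier)
    if len(payload) * 8 > len(carrier) - start:
        raise ValueError("secret does not fit in the carrier")
    out = bytearray(carrier)
    bits = ((byte >> (7 - i)) & 1 for byte in payload for i in range(8))
    for pos, bit in enumerate(bits, start):
        out[pos] = (out[pos] & 0xFE) | bit
    return bytes(out)


def extract(stego: bytes) -> bytes:
    """Reverse of embed: read the length prefix, then that many bytes, from the pixel LSBs."""
    start = pixel_data_offset(stego)

    def read(offset: int, count: int) -> bytes:
        out = bytearray()
        for n in range(count):
            value = 0
            for i in range(8):
                value = (value << 1) | (stego[offset + n * 8 + i] & 1)
            out.append(value)
        return bytes(out)

    length = struct.unpack("<I", read(start, 4))[0]
    return read(start + 32, length)


def sample_carrier() -> bytes:
    """Constructed carrier: a 64x64 grey gradient, not a real picture."""
    pixels = bytes(((x + y) * 2) & 0xFF for y in range(64) for x in range(64) for _ in range(3))
    return make_bmp(64, 64, pixels)


def run_demo(secret: bytes = b"constructed secret message") -> dict:
    carrier = sample_carrier()
    stego = embed(carrier, secret)
    diffs = [abs(a - b) for a, b in zip(carrier, stego)]
    return {
        "same_size": len(carrier) == len(stego),
        "recovered": extract(stego),
        "bytes_changed": sum(1 for d in diffs if d),
        "max_change": max(diffs),
        "capacity_bytes": (len(carrier) - pixel_data_offset(carrier)) // 8,
    }


if __name__ == "__main__":
    print(run_demo())
```

The capacity is one bit per pixel byte, so a 64x64 picture hides 1,536 bytes; a real photograph hides far more, which is why pictures are the usual carrier. Because the gradient carrier has even pixel values throughout, every changed byte here is a byte whose low bit became 1; on a real image the defender's comparison would instead be against the original file or against the expected statistics of the low bits.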


    2.6.4 EliteWrap

    EliteWrap is a notorious wrapper, or binder. It is a command-line tool that packs one or more Trojans together with a normal file into a single executable. After processing, the result looks like one program but contains several; the special feature is that the packed Trojans can be set to execute, silently, when the user opens the file.

    For example, suppose a copy of netcat (a general-purpose networking utility that can be told to listen on a port and attach a command shell to whoever connects) is packed with a Flash greeting card. When the user opens the card, netcat starts in the background and listens on a port, through which the hacker then gets in.


    2.7 Clearing Tracks

    Now we come to the final step in hacking. There is a saying that

    "Everybody knows a good hacker, but nobody knows a great hacker."

    This means that a great hacker always clears his tracks, that is, any record left in the network that could prove he was there. Whenever the hacker downloads a file or installs software, the action leaves entries in the server logs, so to erase them the hacker uses various tools.

    One such tool is auditpol.exe from the Windows NT Resource Kit, a command-line tool with which the intruder can simply disable auditing so that nothing further is recorded. Others, like ELSave, clear the event logs that would tell the administrator an intruder has come in. Evidence Eliminator removes traces outside the server logs: apart from those logs, other information is stored temporarily, in temporary files, browser history and similar places, and Evidence Eliminator deletes all such evidence. Note, however, that clearing a log through the normal Windows interface is itself logged: the freshly emptied Security log begins with an "audit log was cleared" event (event ID 1102 on Windows Vista and later, 517 on Windows 2000/XP/2003), and changes to the audit policy are recorded as well (event ID 4719 on Vista and later). An empty log or a disabled audit policy is therefore a strong indicator of an intrusion rather than a clean slate, especially if the logs are also forwarded to another machine the intruder cannot reach.

    WinZapper

    WinZapper is another tool used for clearing tracks. Rather than wiping the whole log, it makes a copy of the Security event log and lets the hacker select the individual records to be deleted, so that the remaining log still looks plausible. Because the live log file is in use, the edited copy replaces it when the server is rebooted, after which the selected records are gone.
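An added example, not from the original report, showing the defender's side of this section. The script parses a constructed export of Windows Security events in JSON-lines form (hosts, accounts and times are invented, and the field names time, id, computer, user and msg are this example's own convention rather than the native event log schema) and flags the records that the track-clearing tools above leave behind: audit policy changed (4719, legacy 612), system time changed (4616), the logging service stopped (1100) and the audit log cleared (1102, legacy 517), plus the case where the earliest surviving record is itself a clear event.

```python
import json

# Windows Security event IDs that the track-clearing tools leave behind.
# Vista-and-later IDs, with their Windows 2000/XP/2003 equivalents where they exist.
ANTI_FORENSIC_EVENTS = {
    1102: "audit log was cleared",
    517: "audit log was cleared (legacy ID)",
    4719: "system audit policy was changed",
    612: "audit policy was changed (legacy ID)",
    1100: "event logging service was shut down",
    4616: "system time was changed",
}
CLEAR_EVENTS = {1102, 517}

# Constructed sample: Security events exported as JSON lines. Hosts, accounts and times are
# invented, and the field names are this example's own, not the native event log schema.
SAMPLE_LOG = """\
{"time": "2010-03-14T09:01:12", "id": 4624, "computer": "SRV01", "user": "jdoe", "msg": "An account was successfully logged on"}
{"time": "2010-03-14T09:05:40", "id": 4688, "computer": "SRV01", "user": "jdoe", "msg": "A new process has been created"}
{"time": "2010-03-14T09:06:02", "id": 4719, "computer": "SRV01", "user": "jdoe", "msg": "System audit policy was changed"}
{"time": "2010-03-14T09:06:30", "id": 4616, "computer": "SRV01", "user": "jdoe", "msg": "The system time was changed"}
{"time": "2010-03-14T09:07:15", "id": 1102, "computer": "SRV01", "user": "jdoe", "msg": "The audit log was cleared"}
{"time": "2010-03-14T09:07:20", "id": 4624, "computer": "SRV01", "user": "jdoe", "msg": "An account was successfully logged on"}
{"time": "2010-03-14T08:55:00", "id": 4624, "computer": "WS07", "user": "asmith", "msg": "An account was successfully logged on"}
{"time": "2010-03-14T09:30:00", "id": 4634, "computer": "WS07", "user": "asmith", "msg": "An account was logged off"}
{"time": "2010-03-14T11:00:00", "id": 1102, "computer": "FS02", "user": "backupsvc", "msg": "The audit log was cleared"}
{"time": "2010-03-14T11:00:05", "id": 4624, "computer": "FS02", "user": "backupsvc", "msg": "An account was successfully logged on"}
"""


def parse_events(text: str) -> list:
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def detect_log_tampering(events: list) -> dict:
    """Per computer, list the anti-forensic events in time order, and add a note when the
    earliest surviving record is itself a clear event (everything before it is gone)."""
    by_host = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        by_host.setdefault(ev["computer"], []).append(ev)
    report = {}
    for host, evs in by_host.items():
        alerts = [
            {"time": ev["time"], "id": ev["id"], "user": ev.get("user", "?"),
             "reason": ANTI_FORENSIC_EVENTS[ev["id"]]}
            for ev in evs if ev["id"] in ANTI_FORENSIC_EVENTS
        ]
        if evs[0]["id"] in CLEAR_EVENTS:
            alerts.append({"time": evs[0]["time"], "id": evs[0]["id"], "user": evs[0].get("user", "?"),
                           "reason": "log begins with a clear event; earlier history is lost"})
        report[host] = alerts
    return report


def run_demo() -> dict:
    return detect_log_tampering(parse_events(SAMPLE_LOG))


if __name__ == "__main__":
    for host, alerts in run_demo().items():
        print(host, "clean" if not alerts else "")
        for alert in alerts:
            print(f"  {alert['time']} {alert['id']} {alert['user']}: {alert['reason']}")
```

The sequence on SRV01 (policy changed, clock changed, log cleared within a minute by the same account) is the pattern the tools in this section produce. Such a check only helps if the events survive, so the copies forwarded to a central log server, which the intruder's local tools cannot edit, are the ones worth running it over.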


    3. CONCLUSION

    One of the main aims of this seminar is to make others understand how many tools a hacker has for getting into a system. There are many reasons why everybody should understand these basics. Let us look at the need from various perspectives.

    Student

    A student should understand that no software is made with zero vulnerabilities. So while they are studying they should study the various possibilities and how to prevent them, because they are the professionals of tomorrow.

    Professionals

    Professionals should understand that business depends directly on security, so they should build new software with as few vulnerabilities as possible. If they are not aware of these techniques they will not be cautious enough in security matters.

    Users

    Software is meant for the use of its users. Even if vendors build software with strong security options, without the help of the users it can never be successful; it is like a highly secured building with all its doors left carelessly open by the insiders. So users too must be aware of these possibilities of hacking, so that they can be more cautious in their activities.

    In the preceding sections we saw the methodology of hacking, why we should be aware of hacking, and some of the tools a hacker may use. Now let us see what we can do against hacking, to protect ourselves.

    The first thing we should do is to keep the software we use updated, from official and reliable sources.

    Educate employees and users against black hat hacking.

    Use every possible security measure, such as honeypots, intrusion detection systems and firewalls.

    Always make our passwords strong, by making them longer and harder to crack.


    The final and foremost thing is to carry out ETHICAL HACKING, that is, authorised testing of our own systems with the same tools and methods, at regular intervals.

