S

DANIAL MAYO SCHOOL NAGAUR

ETHICAL HACKING WORKSHOP BY

RAJAN KHANDELWAL(CYBER CRIME SECURITY EXPERT CERTIFIED)SACHIN PUNIYA (TRAINER UNDER SUNNY VAGELA & RAHUL TYAGI)

TOPICS OF WORKSHOP ETHICAL HACKING INTRODUCTION.

INTRODUCTION TO INFORMATION GATHERING & FOOT PRINTING

PHISHING (GMAIL HACKING,FACE-BOOK HACKING)

CYBER FORENSICS. VIRUS,WORMS,KEYLOGGERS,SNIFF

ERS, TROZANS.

TOPICS

SYSTEM HACKING & SECURITY.

GOOGLE HACKING STEGNOGRAPHY

FIREWALLS AND DNS .

1).ETHICAL HACKING INTRODUCTION

1. WHAT IS HACKING?

2. WHAT IS ETHICAL HACKING AND WHO ARE ETHICAL HACKERS?

3. WHAT ARE TYPE OF ETHICAL HACKERS?

Black hat ,White hat ,Grey hat, Script kiddies,

Undergo Employees.

Hackers development cycle

Reconnaissance- it’s the basic information gathering about the target system.

Scanning-its to target the system for open ports and services running on the open ports.(65570 ports)

Gaining Access-it’s the actual access of the target system by exploiting the system.

Maintaining Access-keeping the access of the system even after leaving the system so as not to perform all the steps from the start.

Cleaning tracks- To remove the footprints if any so as to remain undetected from the system.

practical's Global IP address-www.ipcow.com

To find dedicated and shared server-www.yougetsignal.com

Use to check IP address and contact details of any website-

Who.is website, Samspade software.

How to copy full website and see it in offline –winHT track website copier.

To see website back to time –way back time machine.

For changing right click properties Go to run type regedit.

In regedit go to my computer then Hkey classes root

Then search for name “folder”.

In folder there is shell open ,

Default change content according to you .

To ping any website- c:CD/

C:/>ping www.websitename.com

For changing hard disk options

Go to run type gpedit.msc

User configurations.

Admin privileges.

Windows component.

Windows explorer –just see on its right side and change settings according to you.

INTRODUCTION TO INFORMATION GATHERING AND FOOTPRINTING FOOT PRINTING IS PRE ATTACK PHASE IT HELPS US TO

GATHER MAXIMUM ABOUT OUR VICTIM.

SCANNING IS A PROCESS OR TECHNIQUE OF INTELLIGENT INFORMATION FOR AN ATTACKER

WE FIND

1. IP ADDRESS

2. OPERATING SYSTEMS.

3. SYSTEM ARCHITECTURE.

4. SERVICES RUNNING ON EACH COMPUTER.

THREE TYPES OF SCANNING

PORT SCANNING,NETWORK SCANNING ,VULNERABILITY SCANNING

PRACTICALS SOFTWARE TO SCAN PERSONS THAT ARE IN

YOUR NETWORK IF U ARE WORKING ON WIFI OR ANY COMPANY

SOFTPERFECT NET SCAN FOR NET WORK

SCANNING

SOFTWARE TO SCAN DETAILS OF ANY WEBSITE ANY SERVER ,ANY COMPUTER

ZENMAP OR NMAP (SCAN ANY WEBSITE )

C:/>NMAP 192.168.150.1.

PHISHING (GMAIL,FACE BOOK HACKING)

PHISHING IS A TECHNIQUE THROUGH WHICH WE SEND A CLONE PAGE OF ANY WEBSITE TO THE VICTIM AND AS THE VICTIM FILES THE USERNAME AND PASSWORD WE GET THAT PASSWORD AND WE CAN ACCESS THAT MAIL OR WEBSITE ACCOUNT OF THE VICTIM.

REQUIREMENTS:-

1. GMAIL FAKE PAGE .

2. PHP SCRIPT.

3. LOGS.txt.

4. FREE HOSTING WEBSITE.

PRACTICAL OPEN GMAIL .COM

RIGHT CLICK ON IT OR PRESS CONTROL+U.

ITS PAGE SOURCE VIEW COPY ALL THE PAGE

OPEN NOTEPAD AND PASTE IT

EDIT FIND ACTION CHANGE FILE TO NOKIA.PHP

AND SAVE THAT FILE AS GMAIL.HTML

NOW THAT FILE IS ON LOCAL MACHINE BUT TO SEND THAT TO ANY VICTIM WE SHOULD HAVE TO UPLOAD THAT ON ANY WESITE THROUGH WHICH IT WOULD BE GETTING LINKED.

CONTINUE ANY WEBHOSTING SITE

WWW.T35.COM,WWW.110MB.COM,WWW.BYTEHOSTING.COM,000WEBHOST.COM

MAKE YOUR ACCOUNT THEN GO TO CONTROL PANEL FILE MANAGER

MAKE NEW FOLDER MAKE NEW DIRECTORY

UPLOAD NOKIA.PHP FILE ,GMAIL.HTML(FAKE

PAGE).

CONTINUE SEND THE LINK OF YOUR FAKE PAGE TO VICTIM

YOU WOULD GET THE USERNAME PASSWORD IN LINK YOU SEND IT TO THE VICTIM JUST CHANGE LAST ROOT FILE OF IT WITH LOGS.TXT.

http://roam.hostingsiteforfree.com/nokia.php/logs.txt

http://roam.hostingsiteforfree.com/nokia.php/gmail.html

http://roam.hostingsiteforfree.com/nokia.php/facebook.html

CYBER FOREINSICS Cyber Forensics can be defined as a process

of retrieving back the evidences deleted by the criminal from hard disk, pen drive, memory card, laptop disks, portable hard disks.

The process takes place in two manners:-

1. Recovering the deleted data

2. In case of damage Sorting the data from a scrambled

form.

continue

Formatting

1. Quick Formatting 2. Complete Formatting

Index Application Size

101001 ramayan.avi 850MB

Quick Formatting will be very quick and after when its done your OS will not gone show you any content of the pendrive and hence we think data is deleted but in reality data is always there in quick formatting, its only Index is gone. and when index is gone then Windows OS can not determine the location of file and hence will say its empty.

Continue

Complete Formatting : It will delete both index and data.

Whatsapp Forensic Recovery:-Can recover up to 7 days of the chat because after 7 days backup whatsapp delete the logs from your storage.

Practical How to recover what's app messages

1. Take the phone whose messages you want to recover take file called MySQL from database of whatsapp to your computer and save it .

2. Go to website www.recovermessages.com

3. Scan the MySQL file and you will have messages of seven days.

Continue

How to recover pendrive and hard disk drives?

For that a software is needed it is

Easus data recovery professional for data recovery .

Select the drive in this software which you want to recover but first condition drive should be quick format .

Virus ,worms keyloggers,trojans

What is virus ?

Malicious program ,using this program will damage your

system, by injecting the virus into other program

what is worms?

same as virus but they will spread throughout the

network.

What is Trojan ?]

It is like data of the victim to be used by someone else.

Not harming your computer.

TROJANS

There are 2 types of Trojans are there

1. DIRECT TROZAN – IT’S THE TROZAN IN WHICH YOU NEED TO HAVE IP ADDRESS OF THE VICTIM EVERYTIME .

2. REVERSE TROZAN- IT’S THE TROZAN IN WHICH YOU NEED TO HAVE IP ADDRESS OF THE VICTIM ONCE AS IT CHANGES DYNAMICALLY THERE WILL BE EFFECT IN OUR ID WHICH WE WANT(VICTIM’S IP)

PRACTICAL DIRECT TROZAN ARE-

1. BEAST TROZAN V2.0

2. PRO RAT

3. TROKOZAN

REVERSE TROZAN

1. CYBER GATE

2. DARK COMMET.

CONTINUE

BEAST TROZAN

1. HOST IP address ,port, built server

2. As server is build there will be file we will send it to victim there he clicks it .

3. And then we connect the victim by clicking on go beast now we can have ay change .

DARK COMMET

1.CLIENT 2.EDIT SERVER 3.SERVER MODULE 4.TEST

NETWORK 4.INSTALL MESSAGE 5.BUILD SERVER .

Keyloggers (theory n practical) What is key logger?

It is a tool which keeps record of what ever you write on pc

or notepad file username password etc.

Two types of key logger

1.local key logger – family key logger.

2.remote key logger –general keylogger.

SYSTEM HACKING & SECURITY

What is system hacking?

it’s the process in which we log into the victims computer

or any persons computer which is locked without

password or by changing the password.

there are 2 modes in which system hacking is done :-

1 online mode.

2 offline mode.

PRACTICALS Online mode-

For windows XP –command prompt net user password

For windows 7 and above manage options local users

user administrator (change password)

Offline mode-

1. Hiren boot cd.

2. Kon boot cd.

security

Use windows 8 version or Ubuntu.

Use bios password locker .

Use boot priority as from hard disk .

Change periodically your password.

GOOGLE HACKING Who discovered Google?

Larry Page and Sergey Brin 1997 and deploy in 1998 from Stanford university.

Google ranking--> Its a page rank algorithm that rank the websites according to their genuine content and their relevance on stats incurring hits on the websites and popularity among the cyber space youth.

Google hacking is nothing but its advance method for searching required things in the internet. As Google advance searching platform gives us a refined search.

PRACTICALS Define: computer.

Time: Gujarat.

Weather: America.

CCTV Camera Hacking with Google

DORK ----> "view/shtml”

Website Hacking with Google Hacks

XML Extraction attack

"app/etc./local.xml”

www.exploit-db.com -- to see more Google hacks.

STEGNOGRAPHY

It is science of hiding information.

It is hiding text files in pictures audio mp3 files ,video files.

Basically used by terrorist in 9/11 attacks on USA

Practical First make a notepad file and save as

“secret.txt”

And next we should have pictures any image. Jpg

Now go to command prompt type

copy/b image.Jpg+secret.txt secretimage.jpg

1 file copied (it’s a way in command prompt)

Using GUI we use Stool which accepts only bmp image file

FIREWALLS Firewall in computer terms can be defined as the

gatekeeper which checks the genuine of every data packet coming and going out from the computer. Mainly it is deployed to protect our computer from external attacks ,like malicious URL attacks, remote exploits like netapi, viruses etc.

Company Colleges Restrictions

Establishing ID

Establishing UTMs

Establishing Firewalls

Practicals 1. Software Firewall: can be defined as an

application software which is going to be installed on windows or any other operating system. And then start its scanning and protection mechanism.

Top software firewalls

1. Zone Alarm Firewall 2.Viper Internet Security 2013

*Limitation of Software Firewall*

can easily be corrupted and infected

- Unable to protect servers and other OS from zero day attacks

practical 2. Hardware Firewall: can be defined as a piece

of hardware that can be deployed in the organization to protect it from external as well as internal attacks. As its a piece of hardware its always comes into a read only rom chip that can not be easily infected by any virus or exploit.

Hardware Firewalls Available

1. Juniper Hardware Firewall (UTM)unified threat mgmt. system.

2. Nebero ( Anti-Porn)

3. Cyberom (Indian Company Ahmedabad, Client)

Set up a free firewall Name –open DNS

Website Control Panel: www.opendns.com

Support: Servers, Windows, LAN and MAN up to 5k users.

Deployment: For Personal PC, For LAN Router, For

College University and organization etc. etc.

WEBSITE HACKING What is website?

Websites can be defined as a platform to present information about a company, person, organization etc. etc.

Web site are of two types

1. Static Websites: Static Websites can be defined as the websites which are not driven by a proper database and maximum all static websites are developed in HTML technology with almost rare response feature from the end these website are not having any control panel. they are mostly driven through TP clients connected to the hosting server.

Continue

2. Dynamic Websites: These websites can be defined as the websites having large number of database installed and also have features to insert new data, fetch new data, delete the data etc. etc. These websites have their own control panels from which the admin do change the settings as per required. It has properties like : Read Write Delete Insert etc. etc. which are not available in Static websites. Dynamic Websites uses databases like: MY SQL , SQL SERVER , ORACLE etc.

Parts of Web Application

Front Hand : From where user fills the data and when clicks on submit the data goes to the database.

Backhand: is the database where the requested data is being stored.

Continue SQL ( Structured Query Language)

Its a technology that able to get the data from the front hand and stored the data into the backhand And when required do the vice versa.

Admin Login Page

The page from where the administrator enters into the control panel of the website and do the need fully changes.

"adminlogin.php" "admin/login.php" "administrator.php" "login/admin.php"

"adminlogin.asp" "admin/login.asp" "adminstrator.asp" "login/admin.asp"

"adminlogin.aspx" "admin/login.aspx" "adminstrator.aspx" "login/admin.aspx"

Continue When u find admin age then u need to enter

username password

Write 'or' '=’ in user Name n password Field

Use proxies while hacking

If time Left i Will teach You error based SQL injection and xss vulnérabilités

QUERIES

For any enquires & questions contact on

Facebook-https://www.facebook.com/rajan.khandelwal.98

Gmail- http://www.rajankhandelwal01@gmail.com

My WEBSITE-www.officialrajankhandelwal01.weebly.com

On whatsapp only ques 9414463477

YOU can follow me on TWITTER-

AND MR SACHIN PUNIYA

Sachinpuniya.blogspot.com

Facebook-https://www.facebook.com/sachin.puniya