hacking books from M.MS


  • 7/29/2019 hacking books from M.MS



CONTENTS

BEHC: Introduction to Born Ethical Hackers Club (p. 3)
Hack! What the hell is it? (p. 3)
Hacking: What is it? (p. 5)
Most Important Terms (p. 6)
Can Hacking be Ethical? If yes, then how, and what is ethical? (p. 7)
Difference between Hackers and Crackers (p. 7)
What will you learn with BEHC? (p. 8)
Security and its three basic pillars (C.I.A.) (p. 9)
How do hackers perform their hack attacks? (p. 11)
Phase 1: Information Gathering and Reconnaissance (p. 11)
Phase 2: Scanning the Target (p. 12)
Phase 3: Breaking the System and Gaining Access (p. 12)
Phase 4: Maintaining Access without Getting Noticed (p. 13)
Phase 5: Removing and Covering Traces (p. 13)


BEHC: INTRODUCTION TO BORN ETHICAL HACKERS CLUB

BEHC stands for Born Ethical Hackers Club. BEHC is part of a campaign that Hackingloops has started to train internet and general users in Ethical Hacking and Network Security, so that they can cope with the current web world, which is in itself a new world and, most importantly, a buggy and insecure one.

BEHC is owned by Lokesh Singh a.k.a. Lucky (owner of Hackingloops / Hackomaniac / Isoftdl). Now you will all be wondering why I made this group and named it Born Hackers. As we all know, we have all been doing amazing stuff from the day we were born. There are two ways of living life: first, following the great persons, and second, creating your own path. And believe me, friends, you can become one of the great hackers only by choosing the second path, i.e. innovative thinking and creating your own paths and rules. I can just guide you on what the path is and how you are going to run on it (because walking is just a waste of time :P). That's all about BEHC.

Follow BEHC on Facebook (http://www.facebook.com/hackingloops) and Twitter (http://www.twitter.com/hackingloops).

So friends, I am not going to bore you any more; let's start our journey to become a great Hacker.

HACK! WHAT THE HELL IS IT??

Technically, a hack is overriding or modifying stuff to achieve something uncommon to a normal user, say overriding the normal procedure for doing things, or modifying things to achieve something hidden or uncommon.

Let's understand it with an example. Suppose we wish to change the administrator password of the Windows operating system. We all know that we can change a Windows password by following the procedure below:


For the Windows 7 operating system:

GO TO CONTROL PANEL > USER ACCOUNTS > SELECT USER > CHANGE PASSWORD > SAVE NEW PASSWORD.

The procedure explained above is the normal way that users change a Windows administrator or user password.

But we all know that there are several uncommon ways of changing a Windows administrator or user password. These ways are what we call a HACK.

Now, the procedure explained above won't work if I don't have administrator rights or I have forgotten the administrator password. How will I change the administrator password or unlock the system then?

Here the terms Hack and Hacker come into the picture. We have to use uncommon ways to achieve the target, as the normal procedure no longer works in our situation.

We can do the above task by several methods, according to the level of the hacker:

Novice Users: They will format the Windows operating system or take an expert's help.

Script Kiddies (beginner-level hackers): They will use Linux live disks or emergency rescue disks to reset the password.

Medium-Level Hackers (who have good knowledge of systems and hacking tools): They will use advanced hacking tools like Ophcrack or the BackTrack OS to retrieve the password.

Elite Hackers (expert-level hackers): Why use any third-party tool (they do know how to do it with third-party tools) when I can do this manually by breaking into the system root and resetting it?

I will explain all the above methods in forthcoming classes, but I want to tell you the elite ones' procedure now, to give you an idea of up to what level we will learn things.

So below is the procedure that elite hackers follow:

Elite hackers do things based on the situation, say, how I will do it if it's my own system, and how if it's somebody else's system (i.e. I want to break into his/her system without getting tracked).

If it's my own system, I have two choices: first, I can reset the password, and second, I can retrieve the password.


If it's somebody else's system, I am left with only one choice: I need to retrieve the password, because if I reset it the victim will know that somebody has broken into his/her system, and you cannot call yourself elite if you can be tracked.

So as an elite hacker I will try to retrieve the administrator password without getting tracked or caught. The simplest way is the Ophcrack Live CD: it reads the password hashes out of the SAM hive and looks them up in precomputed rainbow tables, whereas most other live-disk methods reset the password and leave an obviously changed password behind. Keep in mind that rainbow tables only cover the character sets and lengths they were generated for, so a long or unusual password simply won't be found. Alternatively, I will boot from a Windows installation CD/DVD or another live medium, copy out the SAM and SYSTEM hives (Windows stores password hashes, not the passwords themselves, and the hashes in the SAM are protected with a key kept in the SYSTEM hive), and crack them offline on my own system with a dictionary or rainbow-table attack. Strictly speaking nothing is "decrypted": the hash is matched by guessing candidates and hashing them the same way Windows does. I will share the exact methods in later classes.

HACKING: WHAT IS IT??

Hacking is derived by merging two words, HACK and ING, i.e. hack and its working.

Technically, hacking is the art of exploring uncommon things or modifying things to achieve uncommon functionality.

But nowadays this definition has been altered because of our media and a few old folks who don't even know how many keys there are on a keyboard, or how to pronounce the word Computer.

Our cool media has represented hacking as the art of deceiving web users to achieve malicious goals. I was watching NDTV and other TV news channels; this is how they defined the word hacking, and they categorized all smart internet and computer users as criminals.

And old folks like parents. OK, leave other parents; I will share things about mine. One day I was performing penetration testing on the ICICI website and in between I called my father and told him, see how many vulnerabilities and bugs this ICICI bank website has. Now you will be surprised by what he replied: "Thief, stop bugging the bank website, you will go to jail." I really felt bad and told my father, what the hell are you saying, I am just analyzing the website to report the bugs to their developers, and his reply was "Stop doing crap stuff." I was shocked but didn't say anything, because it is due to the euphoric hype created by the media.

So friends, don't get demotivated by the things that you see on the media or hear from folks. They say it is bad because it is represented as bad to them by our media.

Actually it's not only the media who are responsible for this. It's us also. Why so?


Because when I frankly asked people why they want to learn hacking, this is the reply I got:

1. I want to hack my friends' emails and Facebook: 40%
2. I want to have fun: 30%
3. I want to become a security professional or ethical hacker: 15%
4. I want to see what my girlfriend is doing: 11%
5. I want to take revenge: 3%
6. I want to learn cool stuff: 1%

See, only 16% of people (15% ethical hackers + 1% learn cool stuff) want to learn ethical hacking for good reasons.

I will teach you everything, but it's solely your decision what your reason to learn hacking is.

MOST IMPORTANT TERMS

Threat: An action or event that might compromise security. Usually a threat is a potential violation of security.

Exploit: A defined way to breach the security of a computer or network system through vulnerabilities found during system analysis or penetration testing.

Vulnerability: A weakness, design flaw, or implementation error that can lead to an unexpected, undesirable event compromising the security of the system.

Target: Any system, network or web application which a hacker wishes to hack.

Attack: A system violation which is launched against any system, network or web application; in other words, an exploit being used against a target.

Security: The set of rules and controls put in place to harden a system so that others cannot penetrate it.

Are you still unclear about what the above terms practically mean? Then let's consider an example: we want to hack into some website and deface its home page. Then the threat is defacing the website, the exploit is the procedure that we will use to hack it, the vulnerability is the SQL injection bug in the website, the target is the website itself, the attack is the website hacking and defacement, and security is the set of rules we will use to harden the system so that a hacker cannot hack it.


We cannot make a system that is completely unhackable; we can only harden it so that hacking it becomes as hard and as noisy as possible.

CAN HACKING BE ETHICAL? IF YES, THEN HOW, AND WHAT IS ETHICAL?

Yes, hacking can be ethical. Major companies nowadays are expanding their business to attract web users, and we all know the web world is still insecure. So these companies hire hackers to test their websites against several kinds of hacking attempts. This is also called penetration testing. Hence, companies themselves allow hackers to hack their web applications to test their security. The hackers who got authorization from the company to hack its system are called ethical hackers or professional hackers. That authorization, in writing and with an agreed scope, is what makes the hacking ethical (and legal).

For performing such tasks, ethical hackers are handsomely paid. In IT-world terminology this type of hacking is referred to as penetration testing. Is this the only way to become an ethical hacker?

The answer is absolutely NO. There are several hackers who find bugs in a web application or system and report them back to the company instead of using those bugs to attack it. These hackers are also considered ethical hackers, but technically there is a separate term in the hacking world for hackers who test a system without prior permission and then report what they found: Grey Hat Hackers. Keep in mind that, good intentions or not, testing a system you have no authorization for is still unauthorized access in the eyes of the law, which is where the "grey" comes from.

DIFFERENCE BETWEEN HACKERS AND CRACKERS

There is a very thin line of difference between a hacker and a cracker. Like a coin has two faces, heads and tails, the same is true for computer experts. Some use their techniques and expertise to help others and secure systems or networks, and some misuse them for their own selfish reasons.

There are several traditional ways of determining the difference between hackers and crackers. I will give you these ways in order of their acceptance in the computer and IT market. First of all, let me give you the basic definitions of both hackers and crackers.

Hackers: A hacker is a person who is extremely interested in exploring things and the recondite workings of any computer system or network. Most often, hackers are expert programmers. These are also called ethical hackers or white hat hackers, and the hacking they perform is called ethical hacking.

Ethical hacking means you think like hackers: first you hack the systems and find the loopholes, and then you try to fix those loopholes. These types of hackers protect the cyber world from every possible threat and fix upcoming security loopholes. These people are also called the "gurus" of computer security.

Crackers: Crackers, or black hat hackers, or cheaters, or simply criminals; they are called criminals because they have the mindset of causing harm to security, and they steal very useful data and use it in wrong ways. Phishers also come into this category; they steal account information, credit card numbers and money over the Net.

WHAT WILL YOU LEARN WITH BEHC?

Now it's really a cool question, what we will learn in BEHC classes. And your answer is here: we will learn the topics below in detail, along with basic hacking and technology stuff.

Note: We will learn all the basic stuff and the list of attacks below precisely.

Injection Based Attacks:
- Blind SQL Injection
- Standard SQL Injection (manual procedure)
- Tool Based SQL Injection
- Blind XPath Injection
- Standard XPath Injection
- XPath Injection in Java
- Command Injection
- Comment Injection Attack
- Argument Injection or Modification
- Custom Special Character Injection
- Special Element Injection
- Eval Injection (Direct Dynamic Code Evaluation)
- Direct Static Code Injection
- LDAP Injection
- Resource Injection
- Server-Side Includes (SSI) Injection
- Code Injection

Directory Based Attacks:
- Binary Planting
- Full Path Disclosure
- Path Manipulation
- Path Traversal
- Relative Path Traversal

Cross Site Scripting Attacks:
- Cross Frame Scripting
- Cross Site History Manipulation (XSHM)
- Cross Site Tracing
- Cross-Site Request Forgery (CSRF)
- Cross-Site Scripting (XSS)
- Cross-User Defacement
- CSRF / XSRF
- CORS Origin Header Scrutiny
- CORS Request Preflight Scrutiny

Encryption/Decryption Attacks:
- Cryptanalysis
- Double Encoding
- Unicode Encoding

Session Based Attacks:
- Man-in-the-browser attack
- Man-in-the-middle attack
- Repudiation Attack
- Session Fixation
- Session Hijacking Attack
- Session Prediction
- Page Hijacking
- Forced Browsing
- One-Click Attack
- Clickjacking

Denial of Service Attacks:
- Denial of Service
- Asymmetric Resource Consumption (Amplification)
- Buffer Overflow Attack
- Traffic Flood
- Regular Expression Denial of Service (ReDoS)
- Overflow Binary Resource File
- Cash Overflow

HTTP Based Attacks:
- HTTP Request Smuggling
- HTTP Response Splitting
- Brute Force Attack
- Cache Poisoning
- Parameter Delimiter
- Web Parameter Tampering
- Format String Attack

Mobile Based Attacks:
- Mobile code: invoking untrusted mobile code
- Mobile code: non-final public field
- Mobile code: object hijack

Others:
- Account Lockout Attack
- Spyware
- Setting Manipulation
- Trojan Horse
- Windows ::DATA Alternate Data Stream

SECURITY AND ITS THREE BASIC PILLARS (C.I.A.)

Security as a condition is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization. Establishing or maintaining a sufficient degree of security is the aim of the work, structures, and processes called "security". In the IT (Information Technology) world, security is the resistance that a designer or company introduces so that a system cannot be breached. In the IT world, security has three foundation pillars known as C.I.A.

C.I.A. stands for Confidentiality, Integrity and Availability. Any attempt to breach any of these is considered an attack. General information about these terms can easily be extracted from their names, but let's discuss them in detail to understand them properly.

Confidentiality: Confidentiality is the term used for preventing the disclosure of information to unauthorized individuals or systems. For example, a credit card transaction on the Internet requires the credit card number to be transmitted from the buyer to the merchant and from the merchant to a transaction processing network. The system attempts to enforce confidentiality by encrypting the card number during transmission, by limiting the places where it might appear (in databases, log files, backups, printed receipts, and so on), and by restricting access to the places where it is stored. If an unauthorized party obtains the card number in any way, a breach of confidentiality has occurred.

    Confidentiality is necessary (but not sufficient) for maintaining the privacy of the

    people whose personal information a system holds.

Integrity: Integrity refers to the trustworthiness of information resources. It includes the concept of "data integrity", namely that data have not been changed inappropriately, whether by accident or by deliberately malign activity. It also includes "origin" or "source integrity", that is, that the data actually came from the person or entity you think it did, rather than from an impostor.

Integrity can even include the notion that the person or entity in question entered the right information, that is, that the information reflected the actual circumstances (in statistics, this is the concept of "validity") and that under the same circumstances it would generate identical data (what statisticians call "reliability").

On a more restrictive view, however, integrity of an information system includes only preservation without corruption of whatever was transmitted or entered into the system, right or wrong.
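The difference between data integrity and origin integrity is easy to get wrong in practice, so here is an added example (my code, not from the original text). A plain hash sent alongside a message catches accidental corruption, but an attacker who can edit the message can just recompute the hash; a keyed MAC (HMAC-SHA256 here) gives origin integrity, because without the key the attacker cannot produce a valid tag. The transfer order, the key and the attacker's edit are constructed for the demo.

```python
import hashlib
import hmac
import json
import secrets

KEY = secrets.token_bytes(32)   # shared by sender and receiver only; the attacker never sees it


def plain_digest(message: bytes) -> str:
    return hashlib.sha256(message).hexdigest()


def mac_tag(key: bytes, message: bytes) -> str:
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_tag(key: bytes, message: bytes, expected: str) -> bool:
    # Constant-time comparison: a plain == would leak how many leading bytes matched.
    return hmac.compare_digest(mac_tag(key, message), expected)


def attacker_rewrite(message: bytes) -> bytes:
    """Constructed tampering: bump the amount in a transfer order."""
    return message.replace(b'"amount": 10}', b'"amount": 10000}')


def demonstrate() -> dict:
    order = json.dumps({"to": "lucky", "amount": 10}).encode()

    # 1. Sender ships (message, sha256). A bit flip in transit is caught ...
    digest = plain_digest(order)
    corrupted = bytearray(order)
    corrupted[0] ^= 0x01
    accident_caught_by_hash = plain_digest(bytes(corrupted)) != digest

    # ... but an attacker who can edit the message recomputes the hash too, and the
    # receiver's check passes: data integrity without origin integrity.
    forged = attacker_rewrite(order)
    received_msg, received_digest = forged, plain_digest(forged)
    forgery_caught_by_hash = plain_digest(received_msg) != received_digest

    # 2. Sender ships (message, HMAC(key, message)). Without the key the attacker can
    #    only reuse the old tag or make one with a guessed key; both fail.
    tag = mac_tag(KEY, order)
    genuine_accepted = verify_tag(KEY, order, tag)
    forgery_caught_by_mac = not verify_tag(KEY, forged, tag)
    guess_caught_by_mac = not verify_tag(KEY, forged, mac_tag(b"guessed key", forged))

    return {
        "accident_caught_by_hash": accident_caught_by_hash,   # True
        "forgery_caught_by_hash": forgery_caught_by_hash,     # False
        "genuine_accepted": genuine_accepted,                 # True
        "forgery_caught_by_mac": forgery_caught_by_mac,       # True
        "guess_caught_by_mac": guess_caught_by_mac,           # True
    }
```

The same reasoning is why a checksum on a download page proves nothing against an attacker who controls the page: only a signature or a MAC under a key the attacker does not hold binds the data to its origin.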

Availability: For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks.

Almost all modern organizations are highly dependent on functioning information systems. Many literally could not operate without them. Availability, like other aspects of security, may be affected by purely technical issues (e.g., a malfunctioning part of a computer or communications device), natural phenomena (e.g., wind or water), or human causes (accidental or deliberate).

While the relative risks associated with these categories depend on the particular context, the general rule is that humans are the weakest link. (That's why each user's ability and willingness to use a data system securely are critical.)


HOW DO HACKERS PERFORM THEIR HACK ATTACKS?

There are several ways in which hackers perform their attacks. I have broken a complete hacking attempt into several (general) phases. How a hacker performs an attempt depends solely on the hacker, but we can state the fundamentals, because the fundamentals are always the same. Most hackers plan their attempt before performing it, to understand what they are going to do, how they are going to do it, and how they will prevent themselves from being caught. Hackers who hack without thinking beforehand are considered novice hackers, and they can easily be tracked or caught during the process, because each step is damn important. Also, the chances of success increase when we follow some procedure rather than none.

I have divided any hacking attempt into 5 different phases, listed below:

Phase 1: Information Gathering and Reconnaissance
Phase 2: Scanning the Target
Phase 3: Breaking the System and Gaining Access
Phase 4: Maintaining Access without Getting Noticed
Phase 5: Removing and Covering Traces

This is how a hacking attempt is launched or performed. Now let's learn these phases in detail to get a clear view.

PHASE 1: INFORMATION GATHERING AND RECONNAISSANCE

As the name suggests, in this phase we collect all the necessary information that we can gather, or that it is possible to gather. We can also call this the preparatory phase, because this is where the preparation of the hacking attempt is made. What is the use of this step? Practically, this is one of the most important phases, because it helps us evaluate the target and provides all the basic information that can be useful to us.


Consider an example: I want to hack somebody's Facebook account. What exactly are we looking for in the information gathering phase? First, whose Facebook account I want to hack: the name of the user, his date of birth, his email address, his phone numbers (current and previous ones if possible), his/her fiancé(e)/spouse details, his city of birth, his educational background, his favorite things, passions, hobbies, etc.

We all know that we can extract the things mentioned above quite easily. Now, how can this be useful? First, we can use the above information for launching a social engineering attack (according to the latest research, 80% of people use passwords that are related to the above details). Secondly, we can use these details to recover accounts or reset passwords through "forgot password" security questions. Thirdly, we can use his/her favorites/hobbies/passions to create a phishing or keylogging trap. We can do much more; these are just examples.

I hope this clears up why this step or phase is so important.
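To show why the details listed above matter to a password attacker, here is an added example (my code, not a method from the original text) that turns recon findings into password candidates. The profile is fictional, and the mangling rules (case forms, leet substitutions, suffixes built from the date of birth, pairs of words) are my choices; real targeted wordlists go further, but the mechanics are the same.

```python
import itertools
from typing import Dict, List

LEET = str.maketrans("aeios", "@3105")
COMMON_SUFFIXES = ["", "1", "123", "1234", "!", "@123", "#1"]

# Fictional profile standing in for what Phase 1 would collect.
PROFILE = {
    "name": "Ravi", "nickname": "Rocky", "dob": "1988-05-14",
    "partner": "Anita", "pet": "Bruno", "city": "Pune", "hobby": "cricket",
}


def _dob_suffixes(dob: str) -> List[str]:
    """Year, two-digit year, day+month, month+day, full date in the two common forms."""
    y, m, d = dob.split("-")
    return [y, y[2:], d + m, m + d, d + m + y, d + m + y[2:]]


def _forms(word: str) -> List[str]:
    w = word.strip()
    if not w:
        return []
    return [w.lower(), w.capitalize(), w.upper(), w.lower().translate(LEET)]


def candidates(profile: Dict[str, str], min_len: int = 6, max_len: int = 32) -> List[str]:
    """Deterministic, de-duplicated candidate list built from the profile fields."""
    words = [profile.get(k, "") for k in ("name", "nickname", "partner", "pet", "city", "hobby")]
    words = [w for w in words if w]
    suffixes = COMMON_SUFFIXES + (_dob_suffixes(profile["dob"]) if profile.get("dob") else [])
    seen, out = set(), []

    def add(p: str) -> None:
        if min_len <= len(p) <= max_len and p not in seen:
            seen.add(p)
            out.append(p)

    for w in words:                       # single word in each form, with each suffix
        for form in _forms(w):
            for s in suffixes:
                add(form + s)
    for a, b in itertools.permutations(words, 2):   # two details glued together
        for s in ("", "123", "!", "1"):
            add(a.lower() + b.lower() + s)
    return out
```

A few hundred candidates out of seven facts is the point: a password built from a name and a birth year is not protected by its length, because the attacker never has to search the full keyspace.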

PHASE 2: SCANNING THE TARGET

This phase applies to selected categories of hacking attempts, like hacking networks, operating systems, web applications, web hosting servers, etc.

In this phase we launch a port scan (in the case of a network) or a URL scan (in the case of websites) to identify weaknesses in the system, like open ports or vulnerable URLs. This is one of the most important steps for launching hacking attempts on websites, network servers or web servers.

Consider an example: I want to hack some website. In the information gathering phase, I will identify all the basic details about the website and its admin or owner. In the scan phase I will launch a URL scan to identify vulnerable URLs (URLs that may be vulnerable to injection attacks, cross-site scripting attacks and other script-based attacks), and launch a scan on the web server to identify anonymous logins or other FTP- or port-related bugs.
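Here is an added example of the port-scan half of this phase (my code, not a BEHC tool): a TCP connect scan with a short banner grab, run against a fake SSH service started on a loopback port so that it works offline. The banner string and the ports are constructed; on a real target you would point it at the host and a port range. Note that a connect scan completes the three-way handshake, so every probe shows up in the target's connection logs, which is exactly what Phase 5 later worries about.

```python
import socket
import threading
from concurrent.futures import ThreadPoolExecutor
from typing import Iterable, List


def probe(host: str, port: int, timeout: float = 0.5) -> bool:
    """TCP connect scan of one port: needs no raw sockets, but is visible to the target."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0


def scan_ports(host: str, ports: Iterable[int], timeout: float = 0.5, workers: int = 32) -> List[int]:
    """Probe many ports in parallel and return the open ones in ascending order."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        hits = list(pool.map(lambda p: (p, probe(host, p, timeout)), ports))
    return sorted(p for p, is_open in hits if is_open)


def grab_banner(host: str, port: int, timeout: float = 1.0) -> str:
    """Many services (SSH, SMTP, FTP) announce themselves on connect; read that line."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        try:
            return s.recv(256).decode("ascii", "replace").strip()
        except socket.timeout:
            return ""


# --- constructed target: a fake SSH daemon on a loopback port, so the scan runs offline ---
def start_fake_ssh(banner: bytes = b"SSH-2.0-OpenSSH_8.9p1 Ubuntu-3\r\n") -> int:
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(8)
    port = srv.getsockname()[1]

    def serve() -> None:
        while True:
            conn, _ = srv.accept()
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:        # the scanner hung up before we could write
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return port


def closed_port() -> int:
    """Reserve and release a loopback port so we have one that is known to be closed."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def demo() -> dict:
    target = "127.0.0.1"
    open_port, shut = start_fake_ssh(), closed_port()
    found = scan_ports(target, [shut, open_port])
    return {
        "open": found,
        "closed": shut,
        "banners": {p: grab_banner(target, p) for p in found},
    }
```

`demo()` reports the fake daemon's port as open with its "SSH-2.0-..." banner and the released port as closed; the banner is what lets you map an open port to a product and version before picking an exploit in Phase 3.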

PHASE 3: BREAKING THE SYSTEM AND GAINING ACCESS

This is the step where the actual hacking attempt is launched. Here the hacker exploits the vulnerabilities that were found in the scanning phase to gain access to the system.

Continuing the above example, the user has now identified that such-and-such URL is vulnerable to SQL injection. In this phase the hacker will launch the SQL injection attack on the website to get admin or root access.
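As an added example (my code, not from the original text), here is the login check an SQL-injectable site typically has, beside its parameterized fix, run against an in-memory SQLite database with constructed users. The `' -- ` and `' OR 1=1 -- ` payloads are the classic ones; the table, user names and passwords are made up for the demo.

```python
import hashlib
import sqlite3
from typing import Optional, Tuple


def sha256_hex(s: str) -> str:
    # Unsalted SHA-256 is itself a weak way to store passwords (use a password KDF);
    # it is kept here only so the query shape matches what such sites usually have.
    return hashlib.sha256(s.encode()).hexdigest()


def build_db() -> sqlite3.Connection:
    """Constructed users table for the demo."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, "
        "pw_hash TEXT, is_admin INTEGER)"
    )
    db.executemany(
        "INSERT INTO users (username, pw_hash, is_admin) VALUES (?, ?, ?)",
        [("admin", sha256_hex("s3cretAdminPass!"), 1), ("lucky", sha256_hex("hunter2"), 0)],
    )
    return db


def login_vulnerable(db: sqlite3.Connection, username: str, password: str) -> Optional[Tuple[str, int]]:
    """Deliberately vulnerable: user input is pasted into the SQL text, so a quote in
    the username ends the string literal and the rest becomes SQL."""
    query = (f"SELECT username, is_admin FROM users "
             f"WHERE username = '{username}' AND pw_hash = '{sha256_hex(password)}'")
    return db.execute(query).fetchone()


def login_safe(db: sqlite3.Connection, username: str, password: str) -> Optional[Tuple[str, int]]:
    """Fixed: placeholders keep data out of the SQL grammar; quotes are just characters."""
    return db.execute(
        "SELECT username, is_admin FROM users WHERE username = ? AND pw_hash = ?",
        (username, sha256_hex(password)),
    ).fetchone()


PAYLOAD_COMMENT = "admin' -- "       # closes the string, comments out the password check
PAYLOAD_TAUTOLOGY = "' OR 1=1 -- "   # matches every row; fetchone() hands back the first (admin)
```

With the vulnerable function both payloads log in as admin without a password; with the parameterized one they match nobody, while a real user name and password still work. The fix is not input filtering but keeping the query text fixed and passing values separately.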


Is there any assurance that a hacking attempt will be successful if the hacker follows the above phases?

Does the young generation want to become ethical hackers, or just limit itself to girlfriends' email and Facebook?

Excited to learn further? Wait for the next issue.

PHASE 4: MAINTAINING ACCESS WITHOUT GETTING NOTICED

In this phase the hacker tries to maintain his ownership inside the victim's system or web server. By ownership, I mean that we can upload, download, configure or manipulate the data whenever we want.

Maintaining access depends upon the host system. For example, if we have hacked into a victim's computer system, we will install keyloggers, backdoors or rootkits so that we can remain inside the victim's system. If we have hacked into some website, then we will create one more admin user inside the database, change the file permissions, or simply enable anonymous login, so that whenever we want, we can get into the website again.

Hence tools like keyloggers, RATs, Trojans and spyware are the general tools for maintaining access to a system.

PHASE 5: REMOVING AND COVERING TRACES

This is one of the most important phases of any hacking attempt. This is the step where you prevent your tracks or misdeeds from being detected, and yourself from getting caught.

This is necessary to avoid detection and, most importantly, to avoid legal action against you.

This step generally involves deleting logs, altering logs, tunneling, and proxying your details, including your IP address and other identifying data. Why is this so important? Consider one example: I hacked into someone's website and defaced it. Now, if the victim is good enough, he will check the upload logs. Upload logs contain the IP address and client details from which the file was uploaded, and if he wants, he can lodge a complaint against you with the cyber cell, and believe me, the cyber cell hardly takes 10 minutes to reach anywhere. Then either you go to jail or you need to pay defamation charges. Hence it's always mandatory to cover your tracks to avoid legal action against you.
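Here is the victim's side of that example, as an added example (my code, not from the original text): parsing web server access log lines in the common "combined" format to find who uploaded a file and to reconstruct that client's whole session. The log lines are constructed, with IP addresses from documentation ranges, and the upload-path and scanner-agent heuristics are my choices. The practitioner's caveat is the flip side of this phase: if the attacker has write access to the log file he will simply delete these lines, so ship logs to a remote host as they are written, where the web server's account cannot edit them.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample in Apache/Nginx "combined" log format.
SAMPLE_LOG = """\
198.51.100.7 - - [28/Jul/2019:21:14:03 +0530] "GET /index.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.42 - - [28/Jul/2019:21:15:11 +0530] "GET /admin/login.php HTTP/1.1" 200 1320 "-" "sqlmap/1.3.7"
203.0.113.42 - - [28/Jul/2019:21:15:12 +0530] "POST /admin/login.php HTTP/1.1" 302 0 "-" "sqlmap/1.3.7"
203.0.113.42 - - [28/Jul/2019:21:16:40 +0530] "POST /admin/upload.php HTTP/1.1" 200 88 "http://www.example.com/admin/" "Mozilla/5.0"
203.0.113.42 - - [28/Jul/2019:21:16:41 +0530] "GET /index.html HTTP/1.1" 200 412 "-" "Mozilla/5.0"
198.51.100.7 - - [28/Jul/2019:21:20:03 +0530] "GET /index.html HTTP/1.1" 200 412 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
UPLOAD_HINTS = ("upload", "/wp-admin/", "/filemanager")          # assumed upload endpoints
SCANNER_UAS = ("sqlmap", "nikto", "nmap", "masscan", "acunetix")  # tools that name themselves


def parse_log(text: str) -> List[Dict[str, str]]:
    """Parse combined-format lines; lines that do not match are skipped, not fatal."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            entries.append(m.groupdict())
    return entries


def suspicious_uploads(entries: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Successful POST/PUT requests to something that looks like an upload handler."""
    return [e for e in entries
            if e["method"] in ("POST", "PUT")
            and e["status"].startswith("2")
            and any(h in e["path"].lower() for h in UPLOAD_HINTS)]


def scanner_ips(entries: List[Dict[str, str]]) -> List[str]:
    """Clients whose User-Agent admits to being a scanning tool."""
    return sorted({e["ip"] for e in entries if any(s in e["ua"].lower() for s in SCANNER_UAS)})


def timeline(entries: List[Dict[str, str]], ip: str) -> List[Tuple[str, str, str, str]]:
    """Everything one client did, in log order: the story the cyber cell will ask for."""
    return [(e["ts"], e["method"], e["path"], e["status"]) for e in entries if e["ip"] == ip]
```

On the sample, the upload to `/admin/upload.php` and the sqlmap user agent both point at the same client, and its timeline reads login probe, login, upload, check of the defaced page. Real logs are noisier, but the order of work is the same: find the write, then pull every line from that source.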

If a hacker wants to get into your system, he will; all you can do is make his entry harder.