Ethical Hacking EC
Ethical HackingHands-on: for the CuriousJayashree S Kumar, IBM
About Me IBM-Java’s Classes Library developer Worked Extensively on JDK’s Testing IBM’s Invention Development Lead Runtimes team @ IBM Software Labs@Jshreesk
Agenda What ? Why? How? - Hacking 4 Main Types : Network Hacking- Pre-Connection, Gaining Access, Post-Connection Gaining Access Post Exploitation Website Hacking Conclusion
O W A SpenebppPecurityroject
Common Vulnerability Exposures&
WHAT ?
Hacking - Gaining Unauthorised AccessX PermissionSTEALHARMPermissionETHICALX PermissionX STEALX HARM
Why Learn?
Disclaimer: It was claimed that even he could get tricked So CAN You & Me
Existing industryLot of job opportunitiesBig Companies— Majorly InvestedBug Bounty ProgramsForewarned is Pre-armed
How to start?
LabPlace to experiment and practice hacking and pen testing.- A Hacking machine- Other machines to hack- Websites to hack- Networks(All In your Host - VirtualBox )
123
NetworkHacking
NH: Pre-connection attacks- Passiveiwconfig / airmon-ng: Wireless Adaptor to Monitor Mode airmon-ng start wireless apaairodump-ng : Packets sniffing toolBasic airodump-ng wireless apadtorTargeted airodump-ng —bssid {Target Router MAC} —channel X —write Test wireless adpaireplay-ng : Replay Deauthentication attack aireplay-ng --deauth 100000000 -a {Router Mac} -c {Client Mac} wireless adp
1. ifconfig: Changing MAC AddressAnonymus, Bypass filters, Impersonate
2. iwconfig / airmon-ng: Wireless Adaptor to Monitor Mode
3a. airodump-ng : Packets sniffing tool (Basic)
3b. airodump-ng : Packets sniffing tool (Targetted)
4. aireply-ng : Replay Deauthentication attack
NH: Gaining accessaircrack-ng : Analyse the captured packets to get password1. WEP Cracking aircrack-ng basic wep.cap2. WPA / WPA2 crackingcrunch: Creating wordlist crunch [min][max][characters] -t[pattern]- o wordlist.txt aircrack-ng handshake wpa.cap -w wordlist.txt
Information Gathering: SystemsVery crucial, Gives lots details about target machine:- Operating System- Softwares and Services installed- Ports associated.TOOLs: NetDiscover, ZenMap, net.show, Shodan.com
NH: Post-connection attacks - Activearpspoof: Basic ARP spoofing tool arpspoof -i [inerface] -t [clientIP] [gatewayIP] arpspoof -i [inerface] -t [gatewayIP][clientIP]bettercap buttercup -iface interface
1. arpspoof: Basic ARP spoofing tool
1. arpspoof: Basic ARP spoofing toolHacking machineNOTE:Hacked machine
Before ARP SpoofAfter ARP Spoof
2. bettercap: MITM attack tool
Detection n Prevention1. Do not use WEP encryption,2. Use WPA2 with a complex password3. Configuring wireless setting for maximum security1. Detect ARP Poisoning - Using xARP tool2. Detect Suspicious activities in Network - Using Wireshark3. Prevent MITM Attacks by- Encrypting the traffic — HTTPS everywhere plugging1. Use HTTPs instead of HTTP — Can be bypassed - by downgrading2. Use HSTS - Http Strict Transport Security — Can be Manipulated4. Simply use VPN
GainingAccess
GA : Server sideDoesn’t Requires User Intervention; Need the correct IP address Use Default Password to gain accesUse Mis-configured services. r service mostly to login rlogin -l root {target ip}Use services which have backdoorUse code execution vulnrablilitiesTOOLs: Metasploit — Readymade code to run Vulnerabilities(gets published)
GA : Client sideRequires User Intervention - Clicking on link, Downloading a file;Doesn’t Requires IPTOOLs: Veil Framework — Create BackdoorsGithub:Veil-EvasionVeil- OdesionEach having their own Payloads,written by Meterpreter developers
Has lots Payloads.Use: rev https
GA : Socail EngineeringInformation Gathering: UsersVery crucial, To build strategy accordingly.TOOLs: Maltego
Fake EMAILTOOLs: sendemailSTMP Servers - SendGrid, Sendinbluesendemail -s smtp.sendgrid.net:25-xu apikey-xp xxxx-f "p@gmail.com"-t "jsk@gmail.com"-u “IBM Community Day"-m "Did you register for Cloud Dev Yet?"-o message-header "From : IBM Cloud p@gmail.com "
PostExploitation
1
23Blackmail /Ransomeware , Steal Information, Money & Privacy INCLUDED
PreventionDo NOT download outside trusted placeUse trusted NetworkDon’t be MITMedCheck type of file downloadedUse WinMD5 to check hash of the files
Conclusion#BeCyberSmart
Thank U!
InternetSurface Web(Indexed)Deep Web(Not Indexed)Dark Web
Place to experiment and practice hacking and pen testing. - A Hacking machine - Other machines to hack - Websites to hack -Networks (All In your Host - VirtualBox ) Lab. 1 2 3. Network Hacking. iwconfig / airmon-ng: Wireless Adaptor
Hacking Concepts 1.10 What is Hacking? 1.11Who is a Hacker? 1.12 Hacker Classes 1.13 Hacking Phases o Reconnaissance o Scanning o Gaining Access o Maintaining Access o Clearing Tracks Ethical Hacking Concepts 1.14 What is Ethical Hacking? 1.15 Why Ethical Hacking is Necessary 1.16 Scope and Limitations of Ethical Hacking
private sectors is ethical hacking. Hacking and Ethical Hacking Ethical hacking can be conceptualized through three disciplinary perspectives: ethical, technical, and management. First, from a broad sociocultural perspective, ethical hacking can be understood on ethical terms, by the intentions of hackers. In a broad brush, ethical
Benefits of Ethical Hacking Topic 1: Ethical Hacking Discuss the main benefits and risks of ethical hacking. Provide examples and/or details to support your ideas. If you have seen examples of ethical hacking, please share thes
to as “ethical hacking”—hacking for an ethical reason—whereby it will be argued that law and policy ought not to be the same here as for those hacking activities that are purely for economic gain or to cause harm or mischief. As will be seen, I have grouped ethical hacking int
what is ethical hacking?-what is hacking and it's intent?-what determines if a person is a hacker? - what is ethical hacking?-in what ways can hackers gain unauthorized access into system?-common tools used by malicious hackers-ethical hacking and how it plays a role in combating unauthorized access by malicious hackers?
Why Ethical Hacking is Necessary Ethical Hacker needs to think like malicious Hacker. Ethical hacking is necessary to defend against malicious hackers attempts, by anticipating methods they can use to break into a system. To fight against cyber crimes. To protect information from getting into wrong hands.
Definition: Ethical Hacking Hacking - Manipulating things to do stuff beyond or contrary to what was intended by the designer or implementer. Ethical Hacking - Using hacking and attack techniques to find and exploit vulnerabilities for the purpose of improving security with the following: Permission of the owners
Ethical Hacking Foundation Exam Syllabus 8 Literature A Georgia Weidman - Penetration testing, A Hands-On Introduction to Hacking San Francisco, ISBN:978-1-59327-564-8 B Article EXIN Ethical Hacking Foundation. Free download at www.exin.com Optional C D E Stuart McClure, Joel Scambray, George Kurtz - Hacking Exposed 7: Network
