Ethical Hacking - In Times Of Cybernetic Attacks And Digital Threats


Cybersecurity for Micro, Small & Medium Enterprises
Ethical hacking - in times of cybernetic attacks and digital threats
By Gentlab

The European Commission's support for the production of this publication does not constitute an endorsement of the contents, which reflect the views only of the authors, and the Commission cannot be held responsible for any use which may be made of the information contained therein.

Objectives and Goals

At the end of this module you will be able to:
- Understand the importance of security in general
- Understand Vulnerability Scanning
- Know what System Hacking means
- Understand Malicious programs
- Grasp the concept of Sniffing

Index

1. Introduction to Ethical Hacking
   1.1 Information security overview
   1.2 Hacking concepts
   1.3 Elements of Information security
2. Information Gathering
   2.1 Perspectives of the target
   2.2 Information about the Target
   2.3 Other sources
3. Scanning, Enumeration
   3.1 Network scanning, enumeration concepts
   3.2 Scanning tools
   3.3 Spidering concepts
4. System Hacking
   4.1 Concepts
   4.2 Cracking passwords
   4.3 Types of Password attacks
5. Malware Threats
   5.1 Malware concepts
   5.2 Malicious programs concepts
   5.3 Countermeasures
6. Sniffing and Session Hijacking
   6.1 Sniffing concept
   6.2 Sniffing tools
   6.3 Session hijacking

Unit 1: Introduction to Ethical Hacking
Section 1.1: Information security overview - numbers

Today's numbers
- Worldwide, there are 4.72 billion internet users
- 92.8% of the people are browsing through a mobile device
- The average person spends 6 hours and 56 minutes per day on the Internet
- There are more than 1.86 billion websites online
- Data is the world's most valuable resource today
- Hackers attack every 39 seconds
- 70 million phones are lost or stolen every year
- Cybercrime costs 3.5 billion for US businesses in 2021
- 26 smart objects are located near every human on earth

Unit 1: Introduction to Ethical Hacking
Section 1.1: Information security overview - context

Today's context
- More and more businesses tend to rely on IT
- The complexity of IT systems increases
- The number of cybernetic attacks rises

Threats and consequences are present in the same context!

Threats:
- Data leakage
- Vulnerable websites
- Malware attacks (ransomware)
- Unauthorized access
- Social engineering attacks (phishing)
- Advanced Persistent Threats

These transform into:
- Monetary loss
- Wasted resources/reduced productivity
- Damaged company image and litigation

Unit 1: Introduction to Ethical Hacking
Section 1.1: Information security overview

What does IT Security mean?
- Confidentiality: access to information on a need-to-know basis
- Integrity: data is not altered by accident or in an unauthorized way
- Availability: uninterrupted access to information
- Authenticity: the quality of data, communication or a document being genuine
- Non-Repudiation: guarantee that the sender of a message cannot later deny having sent the message and the recipient cannot deny having received the message

Unit 1: Introduction to Ethical Hacking
Section 1.2: Hacking concepts

RISK = Vulnerability * Probability * Impact

Terms
- Hack Value: something worth doing/hacking
- Vulnerability: a weakness, design or implementation error that can lead to an unexpected event compromising the security of the system
- Exploit: a breach of the IT system security through vulnerabilities
- Payload: part of the exploit code that performs the intended malicious action
- Zero-Day Attack: an attack that exploits computer application vulnerabilities before the software developer releases a patch for the vulnerability
- Bot: a software application that can be controlled remotely to execute or automate predefined tasks

Unit 1: Introduction to Ethical Hacking
Section 1.2: Hacking concepts

Hacker types
- White hats: security analysts or ethical hackers
- Grey hats: individuals who work both as black and white hats, depending on their interest
- Black hats: they perform malicious or destructive activities, also known as crackers
- Suicide Hackers: individuals who are not worried about facing jail but who are rather interested in accomplishing their goal
- Script Kiddies: unskilled hackers who run scripts and tools developed by others, without understanding how they work
- Cyber Terrorists and Organised Crime: motivated by financial gains or political beliefs, they can create large-scale attacks
- State Sponsored Hackers: individuals employed by the government
- Hacktivists: individuals who promote their political agenda or beliefs

Unit 1: Introduction to Ethical Hacking
Section 1.3: Elements of Information security

Attacks: Motive (Goal), Method (Vector), Vulnerability

Attacks are comprised of the motive, method and vulnerability. Here are some examples:

Motives (Goal)
- Disrupting business continuity
- Information theft and manipulating data
- Financial loss of the target
- Personal or Financial Gain
- Revenge
- Propagating religious or political beliefs
- State or military objectives

Method (Vector)
- Cloud computing
- Viruses and Worms, Botnets
- Ransomware
- Mobile Threats
- Phishing
- Web Application Threats
- IoT Threats

Unit 1: Introduction to Ethical Hacking
Section 1.3: Elements of Information security (cont.)

Vulnerabilities
There are many types of vulnerabilities that hackers can exploit:
- Network Vulnerabilities: these are issues with a network's hardware or software that expose it to possible intrusion by an outside party
- Operating System Vulnerabilities: these are vulnerabilities within a particular operating system that hackers may exploit to gain access to an asset the OS is installed on, or to cause damage
- Human Vulnerabilities: the weakest link in many cybersecurity architectures is the human element
- Process Vulnerabilities: some vulnerabilities can be created by specific process controls (or a lack thereof)

Unit 2: Information Gathering
Section 2.1: Perspectives of the target

Which are the targets that an attack can point to?
- System view: technologies, devices, operating systems
- Logical/Functional view: devices/system purposes (presentation website, ERP, etc.)
- Physical view: headquarters, equipment locations
- Temporal view: working days and hours

Unit 2: Information Gathering
Section 2.1: Perspectives of the target

Which are the targets that an attack can point to?
- Social view: data about the employees
- Lifecycle view: the steps of a business process
- Consequence view: whether an event triggers another event (what happens if you enter their building without authorization: do they call the police?)

Unit 2: Information Gathering
Section 2.2: Information about the Target

Where can information about the target be found?
- Company's name
- Company's website
- Geographical location
- The name of some employees
- IP addresses
- Internet search using search engines
- Public database interrogation: Whois, DNS
- Social networks: Facebook/Meta, LinkedIn, Twitter, etc.
- Social engineering

Unit 2: Information Gathering
Section 2.3: Other sources

- Google, Yahoo, and Bing are targeted at US and EU users, locations and data, just as Baidu targets the Chinese audience
- Operators should learn to leverage all search engines and their regional varieties
- Focused data: most non-US search tools collect and store data primarily or exclusively from their region or country. You may find data on Yandex, but not on google.com (or even google.ru)
- Language selectivity: international search engines must offer the ability to search in the native language(s). Furthermore, queries conducted in non-Latin character sets may yield more results

Unit 3: Scanning, Enumeration
Section 3.1: Network scanning, enumeration concepts

Network Scanning
- Active system identification, open ports, services, firewall rules, etc.
- Analysis at the network layer (network scanning) or at the system level (port scanning)

Enumeration
- Determine user accounts, shared folders, etc.
- Direct interrogation: active connections

Both are activities that imply interaction with the target:
- Many requests are made in order to obtain different types of information
- Live hosts, open ports, running services' versions
- Operating system, network shares, local users
- Depends on where you are scanning from (outside vs inside the network)

Unit 3: Scanning, Enumeration
Section 3.2: Scanning tools

- ARP Ping: determines only targets in the local network (LAN)
- TCP Connect: simple and fast method that creates complete TCP connections
- OS Fingerprinting
  - Passive fingerprinting: analyses the packets that are captured by a machine (low precision)
  - Active fingerprinting: sends packets to the target to see how it reacts (high precision)
- Banner Grabbing: many services "present themselves" when we connect

Unit 3: Scanning, Enumeration
Section 3.3: Spidering concept

- The first step in the process of attacking an application is gathering and examining some key information about it to gain a better understanding of what you are up against
- The mapping exercise begins by enumerating the application's content and functionality in order to understand what the application does and how it behaves
- Much of this functionality is easy to identify, but some of it may be hidden, requiring a degree of guesswork and luck to discover

Types of spidering:
- Automated: using tools (Burp, Paros Proxy, etc.)
- User directed: both manual and automated

Unit 4: System Hacking
Section 4.1: Concepts

Exploitation: an exploit is a piece of programmed software or a script which can allow hackers to take control over a system by exploiting its vulnerabilities.

Exploit / Payload / Vulnerability

Payload: the code to be executed after the vulnerability is activated, written in Assembly Language (ASM)
- Is platform dependent: special exploits for Windows, others for Linux, Android, Mac OS, etc.

Different types of payloads:
- execute a command or program on the remote system
- download/upload a file from a URL and execute it
- add a user to the system accounts
- shell: provide an interactive shell (bind shell vs reverse shell)

Unit 4: System Hacking
Section 4.2: Cracking passwords

- Passwords are the most used authentication mechanism
- Passwords are vulnerable to some types of attacks
- Identity theft is currently the "computer crime" with the highest rate of growth
- When a user enters a password, its hash is computed and compared with the one stored in the database
- If those two values are the same, the user is then authenticated
- Salting: the insertion of a random value into the hash computation, which increases the level of security
- The salt value is stored together with the hash value in the database
- If two users have the same password, the two passwords will be represented as different values in the database (due to the different salt)

Unit 4: System Hacking
Section 4.3: Types of Password attacks

What's the difference between online and offline password attacks?
The difference between offline and online password attacks could be the thing that prevents your account from being hacked and your organization from being breached.

Online
- Brute force
- Easy to detect

Offline
- Implies gaining the hash values stored locally or transmitted through the network
- Requires system access
- Network sniffing: using tools that capture the network packets received and transmitted, which can then be copied and inspected offline by hackers
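
Why online brute force is easy to detect, shown as a sliding-window count of failed logins per source address. This is an added example, not part of the original slides; the log format, the threshold and the window length are constructed for illustration, and the addresses come from documentation ranges.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log (format invented for this example).
SAMPLE_LOG = """\
2024-05-01T10:00:01Z LOGIN_FAIL user=admin src=203.0.113.7
2024-05-01T10:00:03Z LOGIN_FAIL user=admin src=203.0.113.7
2024-05-01T10:00:04Z LOGIN_FAIL user=root src=203.0.113.7
2024-05-01T10:00:05Z LOGIN_FAIL user=maria src=198.51.100.20
2024-05-01T10:00:06Z LOGIN_FAIL user=admin src=203.0.113.7
2024-05-01T10:00:08Z LOGIN_FAIL user=test src=203.0.113.7
2024-05-01T10:00:10Z LOGIN_FAIL user=admin src=203.0.113.7
2024-05-01T10:05:30Z LOGIN_FAIL user=maria src=198.51.100.20
2024-05-01T10:05:41Z LOGIN_OK user=maria src=198.51.100.20
"""

LINE_RE = re.compile(r"^(\S+) (LOGIN_FAIL|LOGIN_OK) user=(\S+) src=(\S+)$")
TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"


def detect_bruteforce(lines, threshold=5, window_seconds=60):
    """Return {source: timestamp of the failure that crossed the threshold}."""
    recent = defaultdict(deque)  # source -> timestamps of recent failures
    alerts = {}
    for line in lines:
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # ignore lines that do not fit the expected format
        stamp, event, _user, src = match.groups()
        if event != "LOGIN_FAIL":
            continue
        now = datetime.strptime(stamp, TS_FORMAT)
        failures = recent[src]
        failures.append(now)
        # Drop failures that fell out of the sliding window.
        while (now - failures[0]).total_seconds() > window_seconds:
            failures.popleft()
        if len(failures) >= threshold and src not in alerts:
            alerts[src] = stamp
    return alerts


if __name__ == "__main__":
    for src, stamp in detect_bruteforce(SAMPLE_LOG.splitlines()).items():
        print(f"possible online brute force from {src}, threshold reached at {stamp}")
```

The user who mistypes a password twice, minutes apart, stays below the threshold; the source that fails five times in seven seconds across several account names does not. An offline attack against stolen hashes produces no such log entries, which is the difference the slide draws.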

Unit 5: Malware Threats
Section 5.1: Malware concepts

- Malware typically consists of code developed by cyberattackers, designed to cause extensive damage to data and systems or to gain unauthorized access to a network
- Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware
- Malware has been a threat to individuals and organizations since the early 1970s, when the Creeper virus first appeared. Since then, the world has been under attack from hundreds of thousands of different malware variants, all with the intent of causing as much disruption and damage as possible

Unit 5: Malware Threats
Section 5.2: Malicious programs concepts

Malicious programs
- There are three categories: Trojans and rootkits, Viruses, Worms
- A computer virus can contaminate other files
- However, viruses can infect outside machines only with the assistance of computer users

Malware testing: http://www.virustotal.com
- A service that analyses suspicious files and facilitates the quick detection of viruses, worms, Trojans and all kinds of malware
- Free and independent service
- Uses multiple antivirus engines (57 at this moment, but the number is continually increasing)

Unit 5: Malware Threats
Section 5.2: Malicious programs concepts (cont.)

Potentially malicious actions may include:
- Attempts to open, view, delete, modify files
- Attempts to format disk drives, etc.
- Modification of system settings (start-up, etc.)
- Initiation of network communication, etc.

Monitoring and Detection of Internet Worms
Speed is a crucial aspect here:
- The SQL Slammer worm appeared in January 2003 and infected more than 90% of vulnerable computers on the internet within 10 minutes
- A successful worm attack typically lasts several days, infecting hundreds of thousands of computers (Code Red, Nimda, Blaster, etc.)
- Aim: early detection

Unit 5: Malware Threats
Section 5.3: Countermeasures

- Install antivirus software that detects and removes infections as they appear
- Pay attention to the instructions while downloading files or any programs from the Internet
- Update the antivirus software as often as possible
- Schedule regular scans for all drives
- Integrates with the operating system of the host computer and monitors program behaviour in real time for malicious actions
- Blocks potentially malicious actions before they affect the system

Unit 6: Sniffing and Session Hijacking
Section 6.1: Sniffing concept

A packet sniffer is a system with a network interface card that operates in promiscuous/monitor mode and captures network packets in real time.

Used for:
- Troubleshooting problems (including security ones) and network analysis
- Network logging for future analysis (forensics)
- Hacking tool for username and password interception

Unit 6: Sniffing and Session Hijacking
Section 6.2: Sniffing tools

These are the well-known tools that can be used for sniffing, along with the operating systems on which they can be used:
- tcpdump (http://www.tcpdump.org)
  - Unix platform
  - Command line utility
- WinDump (http://www.winpcap.org/windump/)
  - tcpdump Windows version
- Ethereal / Wireshark (http://www.wireshark.org/)
  - Has a graphical interface

Unit 6: Sniffing and Session Hijacking
Section 6.3: Session hijacking

Concept
Exploitation of a valid computer session to gain unauthorized access to information or services in a computer system over TCP/UDP protocols.

Methods
- Session fixation, where the attacker sets a user's session id to one known to him, for example by sending the user an email with a link that contains a particular session id. The attacker now only has to wait until the user logs in
- Session sidejacking, where the attacker uses packet sniffing to read network traffic between two parties to steal the session cookie
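
Session fixation from the server's side, as an added example that is not part of the original slides: the same login flow run against a session table that keeps the pre-login id and one that issues a fresh id at login. The SessionStore class, its methods and the user name are hypothetical and exist only for this illustration.

```python
import secrets


class SessionStore:
    """In-memory session table (hypothetical, for illustration only)."""

    def __init__(self, rotate_on_login):
        self.rotate_on_login = rotate_on_login
        self.sessions = {}  # session id -> logged-in user, or None if anonymous

    def new_session(self):
        """Issue an anonymous session id, as a site does on first visit."""
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = None
        return sid

    def login(self, sid, user):
        """Authenticate the session and return the id the client must use next."""
        if sid not in self.sessions:
            raise KeyError("unknown session id")
        if self.rotate_on_login:
            # Countermeasure: discard the pre-login id and issue a fresh one.
            del self.sessions[sid]
            sid = secrets.token_urlsafe(32)
        self.sessions[sid] = user
        return sid

    def user_for(self, sid):
        """Return the user bound to this id, or None."""
        return self.sessions.get(sid)


def fixation_scenario(store):
    """Replay the flow from the slide and report what the old id can still do."""
    known_id = store.new_session()                   # id known to a third party before login
    id_after_login = store.login(known_id, "alice")  # the user logs in on that session
    return {
        "known_id_is_authenticated": store.user_for(known_id) == "alice",
        "id_changed_at_login": id_after_login != known_id,
        "user_session_works": store.user_for(id_after_login) == "alice",
    }


if __name__ == "__main__":
    print("no rotation:", fixation_scenario(SessionStore(rotate_on_login=False)))
    print("rotation:   ", fixation_scenario(SessionStore(rotate_on_login=True)))
```

With rotation the id that was known before login maps to nothing once the user authenticates, so waiting for the login gains nothing. Sidejacking is a different problem, since the new id can still be read off an unencrypted connection.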

Unit 6: Sniffing and Session Hijacking
Section 6.3: Session hijacking

Methods
- Cross-site scripting, where the attacker tricks the user's computer into running code which is treated as trustworthy because it appears to belong to the server, allowing the attacker to obtain a copy of the cookie or perform other operations
- Malware and unwanted programs can use browser hijacking to steal a browser's cookie files without a user's knowledge, and then perform actions (like installing Android apps) without the user's knowledge
- Brute-forcing session information (e.g. Telnet, or cookie values over HTTP(S))


Thank you for your attention!
