Monday, 31 August 2015

Ethical Hacking - Module1 : Introduction to Ethical Hacking

Essential Hacking Terminologies


Hack value - Often adduced as the reason or motivation for expending effort toward a seemingly useless goal, the point being that the accomplished goal is a hack.

Exploit - An exploit is a defined way to "breach" the "Security" of an IT system through vulnerability. The term Exploit is used when any kind of attack has taken place on a system or network. An Exploit also be a 'malicious s/w' or 'commands' that can cause unanticipated behavior.

Vulnerability - A vulnerability is a "weakness in design" which allows an attacker to reduce a system's information assurance. It’s a loop hole, Limitation or Weakness that becomes a source for an attacker. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.

Target Of Evaluation - A product or component that is identified / subjected to a required security evaluation. This helps the evaluator understand the functioning, technology and vulnerabilities of a particular system or product.

Zero-day Attacks - Exploit software flaws before they are publically disclosed. Zero day attacks are difficult to prevent because they exploit unknown vulnerabilities, for which there are no patches and no antivirus or "Intrusion-Detection-Signatures" they wrote.

Daisy Chaining - Process where a hacker gains entry into a computer or network and then uses it to gain access to another, they usually complete their task and then backtrack to cover their tracks by destroying logs etc.

Double File Extensions - Another easy trick on the filename is to add two extensions to it. This is often combined with long filenames to show only the first extension, such as “Madonna.jpg.exe
Dropper - A dropper is a malicious file used to install malicious code on a computer. Downloader Trojans are sometimes also called droppers.

Back door – a hole deliberately placed by designers into a security system. Hackers use back doors to get into a system.
Bit bucket – the universal data dump. Lost, deleted, or destroyed data ends up here.

Bot - A bot is malicious code that acts like a remotely controlled “robot” for an attacker, with other Trojan and Worm capabilities.
Boot Sector Virus - A boot sector virus is malcode that spreads in the wild by copying itself to the Master Boot Record (MBR) of a hard disk and boot sectors of floppy disks.

Black hats – A criminal hacker who causes damage and breaks the law by hacking.

Backdoor Trojans - Backdoor Trojans provide an attacker with full remote access to a computer. If one code is detected a new private undetected code may have been installed on the computer to maintain access and control. Backdoor Trojans first had “fun stuff” options to open the CD tray, flash the lights on the keyboard, and mess with the mind of a victim. Today they may include a remote C&C server that tracks how many infections per country and log files by IP address. Trojans are sometimes specialized, only grabbing online gaming credentials or software license keys.

Cracker – someone who breaks into a security system. Many hackers separate themselves from crackers because crackers are often tied to organized crime rings.

Cyber Terrorists - who create fear by large-scale disruption of computer network?

Deep magic – a special technique central to a program.

Hacker – a person who is able to break into a computer’s system without permission.

Hacking run – a hacking session that lasts in an excess of eight to ten hours.

Foo – term used as a sample name for programs and files.
File Infector - File infector, mostly a historical term, generally refers to viruses that infect files.

Fake Related Extension - File extensions can be faked – that file with an .mp3 extension may actually be an executable program. Hackers can fake file extensions by abusing a special Unicode character, forcing text to be displayed in reverse order. Windows also hides file extensions by default, which is another way novice users can be deceived – a file with a name like picture.jpg.exe will appear as a harmless JPEG image file.

Fake Icon - Fake icons are often given to files to make a credibility to the users.

Gray hat – a hacker who sometimes hacks illegally and sometimes hacks “legally”. Who use both offensive & defensive.
KISS Principle – acronym for “Keep It Simple Stupid,” used to control development complexity by hackers.

Kluge – a clever programming trick that works for the wrong reason.
Keylogger - Keylogger is a type of Trojan used to capture data keylogged on a system. It may also include sophisticated Trojans that can capture all keystrokes and take pictures of the screen at specific points in time to steal online credentials and other sensitive information. It may also refer to physical keylogger devices that can be placed in line between keyboards and a computer to steal sensitive information. An example of a physical keylogger device is KeyGhost, available at http://www.keyghost.com/keylogger/.
Lots of MIPS but no I/O – describes a system that has a lot of processing power, but a bottlenecked input/output.

Logic Bomb - A logic bomb is a type of Trojan that typically executes a destructive routine when certain conditions are met, such as date and time.

Long File Extensions - Long file extensions have been around for many years. On Windows NTFS based operating systems, the filename can be up to 255 characters long (http://en.wikipedia.org/wiki/Filename). Filenames that are very long are abbreviated with three dots “...,” concealing the true extension of the file.

Macro Viruses - Macro viruses are spreading within Microsoft Office software. They are created within Visual Basic for Applications or WordBasic, and spread through Office documents such as DOC files.
Munge – a rewrite of a routine, data structure, or whole program.
Netiquette – the standards of politeness across the internet; not often observed by hackers.

Phreaking – the science of cracking a phone network.

Polymorphic - Polymorphic viruses assume many (poly) shapes and forms (morphic) by encrypting code differently with each infection.

Payload - A payload is the primary action of a malicious code attack. A payload refers to the component of a computer virus that executes a malicious activity. It is the part of the transmitted data which is the fundamental purpose of the transmission.

Proof of Concept - Proof of concept (POC) is a functional code used to prove exploitation or functionality. POCs are sometimes created by authors of exploits to prove that exploitation of a vulnerability is possible.

Script kiddie – a “copycat hacker” who copies other hacker’s techniques without creating anything of their own. An unskilled hacker.

Security through obscurity – hacker term for a common way of dealing with security holes where they are ignored and not documented with the hope nobody finds them.

Sneaker – an individual hired to break into places with the purpose of testing their security.

Spaghetti code – code that has a complex and tangled control structure.

Spy Hackers - Individuals employed by organization to penetrate and gain trade secret of the competitor.

State Sponsored Hackers - Individuals employed by governments to penetrate and gain top-secret information and to damage information systems of other governments.

Suicide Hacker - Individual who aims to bring down critical infrastructure for a cause, and are not worried about facing jail terms or any other kind of punishment.

Time bomb – program that is set to trigger once certain conditions are reached.

Trojan horse – program that disguises itself as one thing but once inside a computer, it actually does something else. Most often, they are damaging (viruses), but not all are.

Trojan - A Trojan is a malicious software that masquerades as something it is not. It does not replicate. One of the most common Trojans in the wild in 2008 is downloader Trojans from generic family names like Agent, Small, and Deaf.

White hats – a hacker who is considered “nice” i.e. when he hacks, he informs the owner he has done it. Using for defensive purpose, which used for security purposes.

Vaporware – term used by hackers referring to products released in advance of their official release date.

Wetware – phrase referring to humans on the other end of a computer system.

Virus – a self-replicating program that inserts itself into computer systems and causes damage. A virus is a malicious software that infects a host file to spread. It is commonly used in a general sense to refer to all sorts of malcode, but this is not technically accurate.


Voodoo programming – the use by guess of an obscure system that someone doesn’t really understand; i.e., whether it works or doesn’t work, the user has no real idea why.

Vulcan nerve pinch – a keyboard combination that forces a soft-boot.
Wedged – a point where a system is stuck; different from a crash, where the system is nonfunctioning.

Wizard – person who completely understands how a program or process works.

Worm - A worm is malicious software that creates a copy of itself (or clones itself) to spread. For example, a mass-mailing worm sends out copies of itself via e-mail. Some individuals prefer to call worms any code that traverses across a network through various means.

Vector - The vector of attack is how transmission of malcode takes place, such as e-mail, a link sent to an instant messenger user, or a hostile Web site attempting to exploit vulnerable software on a remote host. An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome.

The vector is where the malcode comes from, which can be a form of media transfer such as e-mail or P2P networks, or exploitation combined with Web browsing.

For example, default view settings of Windows do not show the true extension of a file. “report.doc” may only appear as “report” to the end user. Various methods exist to then trick users into thinking malicious files are safe, exploiting this default behavior of Windows, when it is actually malicious.

Peer-to-Peer Networks - Peer-to-peer (P2P) networks involve hosts sharing files with one another, either directly or through a centralized P2P server. However, risk escalates to more than 75% on average once a user starts to search for terms like famous women used in social engineering, like “Paris,” or pornography related terms and illegal terms like “warez” and “crack.”

Internet Relay Chat (IRC) - was a big part of how people “chatted” or communicated near the turn of the century. Today, social networking sites and forums are dominating the scene as IRC falls into the background. IRC is still used by thousands daily and has similar threats to several years ago. It is common to receive spammed messages within IRC chat rooms, private messages from bots by bad actors, and more. Sometimes bad actors attempt to exploit vulnerable software (chat clients) or may send malcode through IRC to the user via links or files directly through a DCC connection.

False positive - monitoring triggered an event but nothing was actually wrong, and in doing so the monitoring has incorrectly identified benign communications as a danger.
True positive - the monitoring system recognized an exploit event correctly.

True negative - the monitoring system has not recognized benign traffic as cause for concern. In other words, it does nothing when nothing needs to be done. This is good.

Tuning - customizing a monitoring system to your environment.
Promiscuous interface - a network interface that collects and processes all of the packets sent to it regardless of the destination MAC address.


Signature - a -- String of characters or activities found within processes or data communications that describes a known system attack. Some monitoring systems identify attacks by means of a signature.

IDS can alert to these conditions by matching known conditions (signatures) with unknown but suspect conditions (anomalies).

--> Confidentiality—unauthorized access may breach confidentiality
--> Integrity—corruption due to an attack destabilizes integrity
--> Availability—denial of service keeps data from being available
Hostile Codecs (Zlob) / E-Mail / Web-Based Attacks / Brute Force Attacks / Instant Messaging / Adware / Spyware / Potentially Unwanted Programs

Hacktivism
Hacktivism is an act of promoting a political agenda by hacking especially by defacing or disabling website. Hacktivism is motivated by revenge,political or social reasons, ideolog etc


Pre-Attack Phase


Hacking Phases / Hacking Life Cycle : 

The various phases involved in hacking are:

* Reconnaissance / Information Gathering / Foot Printing

* Scanning

* Gaining Access

* Maintaining Access

* Clearing Tracks


Types of Security Policies

A Security Policy is a document that contains information on the way the company plans to protect its information assets from known and unknown threats. These policies help to maintain the confidentially, availability and integrity of information.


Four types of policies are:

Promiscuous Policy: No restrictions on internet or remote access

Permissive Policy: Policy begins wide open and only known dangerous services/attacks blocked, which makes it difficult to keep up with current exploits.

Prudent Policy: It provides maximum security while allowing known but necessary dangers. It blocks all services and only safe/necessary services are enabled individually; everything is logged.

Paranoid Policy: It forbids everything, no internet connection, or severely limited internet usage.

No comments:

Post a Comment