Hacking The Ultimate Hacking For Beginners
1st Edition
Price : $ 3.99 (USD)
COPYRIGHT NOTICE
Kevin Smith
This book shall not be copied or reproduced unless you have obtained specific permissions for the
same from the author Kevin Smith. Any unauthorized use, distribution or reproduction of this eBook is
strictly prohibited.
DISCLAIMER
This book has been published for educational purposes only. It does not seek to legitimize certain
steps that may be illegal under applicable law and organization policies in different parts of the
world. This book does not contain any legal permission on what may be deemed as legal. Readers are
advised to examine the privacy policy, organization policies and the laws of respective countries
before taking their own decisions. They cannot rely on the present publication as a defense in any
proceeding. The publisher and author are not liable for any steps that a reader may take based on this
publication and are not responsible for any steps that may have been taken after reading the
publication. Microsoft Windows and any other marks used (Pictures, Screen Shots, etc.) have been
used descriptively as the marks are owned by third parties.
CONTENTS
CHAPTER 1 : Hacking briefly
CHAPTER 2 : Classification, various kinds of hacking
CHAPTER 3 : Computer Security Computer Crime and Intelligence Agency
CHAPTER 4 : Network systems and DNS working
__________________________________
CHAPTER 1
Hacking briefly
__________________________________
Hacking
Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of
the creator's original purpose.
The most fundamental meaning of hacking is gaining unauthorized access to data in a system or
computer.
Hacking is exploiting security controls either in a technical, physical or a human-based element. ~
Kevin Mitnick
The person who is consistently engaging in hacking activities, and has accepted hacking as a lifestyle
and philosophy of their choice, is called a hacker.
Computer hacking is the most popular form of hacking nowadays, especially in the field of computer
security.
The mass media attention given to blackhat hackers means that the term hacking is often
mistaken for any security-related cybercrime.
However, the word "hacking" has two definitions. The first definition refers to the hobby/profession
of working with computers. The second definition refers to modifying computer hardware or software
in a way that changes the creator's original intent.
It is the art of exploiting computers to get access to otherwise unauthorized information. Now that the
world is using IT systems to gather, store and manipulate important information there is also a need to
make sure that data is secure. However, no system is without its problems. Holes are often present
within security systems which, if exploited, allow hackers to gain access to this otherwise restricted
information.
Purpose behind Hacking : When somebody tries to access others' computer systems with the aim
of destroying or altering important information or data, such an activity is defined as hacking and
the person is called a hacker. It is believed that hacking activities are not backed by solid logical
reasons. On the contrary, hackers try to experiment with their computer brilliance by trying to
affect other systems with viruses. Hacking is done mostly for sheer pleasure, by which a hacker
wants to prove his skills. But if one does search for reasons behind it, it can be logically
concluded that hacking is carried out with the objective of tracing vital information and affecting
computer systems with viruses.
Hacker
Hacker is a term used by some to mean "a clever programmer" and by others, especially those in
popular media, to mean "someone who tries to break into computer systems."
Cracking
Cracking is the act of breaking into a computer system, often on a network. A cracker can be doing
this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there.
Some breaking-and-entering has been done ostensibly to point out weaknesses in a site's security
system.
Contrary to widespread myth, cracking does not usually involve some mysterious leap of hackerly
brilliance, but rather persistence and the dogged repetition of a handful of fairly well-known tricks
that exploit common weaknesses in the security of target systems. Accordingly, most crackers are
only mediocre hackers. These two terms should not be confused with each other. Hackers generally
deplore cracking.
Cracker
A cracker is someone who breaks into someone else's computer system, often on a network; bypasses
passwords or licenses in computer programs; or in other ways intentionally breaches computer
security.
identity theft. This identity theft can cause damages to credit ratings from consumer agencies, run-ins
with the law because the person who stole the identity committed a crime, or other damages which
may not be repairable at all.
E-mail Access: Hackers have the ability to gain access to personal e-mail accounts. These can have
a variety of information and other private files which most people would regard as important. This
information could also hold sensitive data which could be used against someone or simply cause ruin
for those who are involved in the breach of privacy.
Website Security: Many websites have been victims of hackers. Usually the hackers would simply
destroy data and leave the websites in an inoperable state, which would leave website owners with
the task of rebuilding their sites from scratch if they did not have a backup. This could also pose risks
for companies who had their consumers' payment information hosted on their websites. Defacing the
websites by leaving tags or "calling cards" stating the unknown group's signature was not uncommon
in the early days of hacking websites.
Before the Internet, there was ARPANET (Advanced Research Projects Agency Network), which
was used by the United States government Department of Defense. Morris created the Morris worm,
which was meant to gauge the size of the Internet but had actually gained access to ARPANET by
accessing vulnerabilities in Unix based systems which were in use at the time.
There was an error in his coding of the worm which caused replication at exponential rates which
gained access into NASA and the Air Force systems. It was not intended to harm the computers, but
did show that they were vulnerable to attacks. He got off with only community service even though
federal guidelines should have given him extensive consequences for his actions. He was hired by
MIT and is currently a professor working in the Artificial Intelligence Laboratory.
___________________________
CHAPTER 2
Classification
various kinds of hacking
___________________________
Computer hackers have been around for many years. Since the computer and the Internet became
widely used in the world, we have started to hear more and more about hacking.
Just as the word hacking has two meanings, so the word hacker has two meanings:
Traditionally, a hacker is someone who likes to play with software or electronic systems. Hackers
enjoy exploring and learning how computer systems operate. They love discovering new ways to
work electronically.
Recently, hacker has taken on a new meaning: someone who finds weaknesses in a computer or
computer network, though the term can also refer to someone with an advanced understanding of
computers and computer networks.
Normally, hackers are people who try to gain unauthorized access to your computer.
With controversy, the term hacker is reclaimed by computer programmers who argue that someone
breaking into computers is better called a cracker, not making a difference between computer
criminals (black hats) and computer security experts (white hats). Some white hat hackers claim that
they also deserve the title hacker, and that only black hats should be called crackers.
If hackers, if anyone committing a criminal act, wants to reduce their risk, they obviously don't
involve anybody else. The greater the circle of people that know what you're doing, the higher the
risk. ~ Kevin Mitnick
Classifications of Hacker
There are many more types of hackers in the world, distinguished by their motive and type of work. The
following list goes one more step toward knowing hackers better.
White hat hacker
The term "White hat hacker" refers to an ethical hacker, or a computer security expert, who
specializes in penetration testing and in other testing methodologies to ensure the security of an
organization's information systems. Ethical hacking is a term coined by IBM meant to imply a broader
category than just penetration testing. White-hat hackers are also called penetration testers, sneakers,
red teams, or tiger teams. Generally, white hat hackers or ethical hackers are the good guys in the
world of hackers.
Black hat hacker
A black hat hacker is an individual with extensive computer knowledge whose purpose is to breach
or bypass internet security. Black hat hackers are also known as crackers or dark-side hackers. The
general view is that, while hackers build things, crackers break things. They are computer security
hackers that break into computers and networks or also create computer viruses. The term black hat
comes from old westerns where the bad guys usually wore black hats.
Black hat hackers break into secure networks to destroy data or make the network unusable for those
who are authorized to use the network.
They choose their targets using a two-pronged process known as the "pre-hacking stage".
Step 1: Targeting
Step 2: Research and Information Gathering
Step 3: Finishing the Attack
Grey hat hacker
A grey hat hacker is a combination of a black hat and a white hat hacker. It may relate to whether they
sometimes arguably act illegally, though in good will, or to show how they disclose vulnerabilities.
They usually do not hack for personal gain or have malicious intentions, but may be prepared to
technically commit crimes during the course of their technological exploits in order to achieve better
security.
Blue hat
A blue hat hacker is someone outside computer security consulting firms who is used to bug test a
system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term
BlueHat to represent a series of security briefing events.
Elite hacker
A social status among hackers, elite is used to describe the most skilled. Newly discovered activities
will circulate among these hackers.
Script kiddie
A script kiddie (or skiddie) is a non-expert who breaks into computer systems by using pre-packaged
automated tools written by others, usually with little understanding of the underlying concept, hence
the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child: an individual lacking
knowledge and experience, immature).
Neophyte newbie
A neophyte, "n00b", or "newbie" is someone who is new to hacking or phreaking and has almost no
knowledge or experience of the workings of technology, and hacking.
Hacktivist
A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or
political message. In general, most hacktivism involves website defacement or denial-of-service
attacks.
Nation state
_____________________
CHAPTER 3
Computer Security
Computer Crime and
Intelligence Agency
_____________________
Computer Security
The security applied to computing devices such as computers and smartphones, as well as computer
networks such as private and public networks, including the whole Internet, is called computer
security.
It includes physical security to prevent theft of equipment and information security to protect the data
on that equipment. It is sometimes referred to as "Cyber Security" or "IT security".
Cybersecurity is the process of applying security measures to ensure confidentiality, integrity, and
availability of data.
Computer Threats
A threat is a possible danger that might exploit a vulnerability to breach security and thus cause
possible harm.
It can be either "intentional" (i.e., intelligent; e.g., an individual cracker or a criminal organization) or
"accidental" (e.g., the possibility of a computer malfunctioning, or the possibility of a natural disaster
such as an earthquake, a fire, or a tornado) or otherwise a circumstance, capability, action, or event.
Computer Crime
Computer crime refers to any crime that involves a computer and a network. Net crime refers to
criminal exploitation of the Internet.
Cybercrimes are defined as: "Offences that are committed against individuals or groups of
individuals with a criminal motive to intentionally harm the reputation of the victim or cause
physical or mental harm to the victim directly or indirectly, using modern telecommunication
networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones
(SMS/MMS)".
Such crimes may threaten a nation's security and financial health. Issues surrounding this type of
crime have become high-profile, particularly those surrounding cracking, copyright infringement, child
pornography, and child grooming. There are also problems of privacy when confidential information
is lost or intercepted, lawfully or otherwise.
1. Crimes that primarily target computer networks or devices include: Computer viruses,
Denial-of-service attacks, Malware (malicious code)
2. Crimes that use computer networks or devices to advance other ends include: Cyber
CIA America
Formed : September 18, 1947
Agency executive : Leon Panetta, Director
Parent agency : Central Intelligence Group
CIA is the largest of the intelligence agencies and is responsible for gathering data from other
countries that could impact U.S. policy. It is a civilian intelligence agency of the United States
government responsible for providing national security intelligence to senior United States
policymakers. The CIA also engages in covert activities at the request of the President of the United
States of America. The CIA's primary function is to collect information about foreign governments,
corporations, and individuals, and to advise public policymakers. The agency conducts covert
operations and paramilitary actions, and exerts foreign political influence through its Special
Activities Division. It has failed to control terrorist activities, including 9/11. Not a single top-level
Al-Qaeda leader has been captured on its own in the past 9 years, and it missed 1 million Soviet
troops marching into Afghanistan. Iraq's weapons of mass destruction: have they found them yet? The
number of defectors and double agents is close to a thousand. On the 50th anniversary of the CIA,
President Clinton said, "By necessity, the American people will never know the full story of your
courage." Indeed, no one knows what the CIA really does. It is highly funded and technologically the
most advanced intelligence set-up in the world.
British equivalent to the CIA, has had two big advantages in staying effective: The British Official
Secrets Act and D notices can often prevent leaks (which have been the bane of the CIA's existence).
Some stories have emerged. In the Cold War, MI6 recruited Oleg Penkovsky, who played a key part
in the favorable resolution of the Cuban Missile Crisis, and Oleg Gordievski, who operated for a
decade before MI6 extracted him via Finland. The British were even aware of Norwood's activities,
but made the decision not to tip their hand. MI6 also is rumored to have sabotaged the Tu-144
supersonic airliner program by altering documents and making sure they fell into the hands of the
KGB.
ISI Pakistan
Formed : 1948
Jurisdiction : Government of Pakistan
Headquarters : Islamabad, Pakistan
Agency executive : Lieutenant General Ahmad Shuja Pasha, PA Director General
With the lengthiest track record of success, the best-known intelligence agency so far on the scale of
records is ISI. The Inter-Services Intelligence was created as an independent unit in 1948 in order to strengthen
the performance of Pakistan's Military Intelligence during the Indo-Pakistani War of 1947. Its success
in achieving its goal without leading to a full-scale invasion of Pakistan by the Soviets is a feat
unmatched by any other throughout the intelligence world. The KGB, the best of its time, failed to
counter ISI and protect Soviet interests in Central Asia. It has had 0 double agents or defectors
throughout its history, notable in light of the whole war campaign it carried out with money
earned by selling drugs bought from the very people it was bleeding, the Soviets. It has protected its
nuclear weapons since it was formed, and it has foiled Indian attempts to attain ultimate supremacy in the
South Asian theatres through internal destabilization of India. It is above all laws in its host country,
Pakistan: "a state within a state". Its policies are made outside of all other institutions with the
exception of the Army. Its personnel have never been caught on camera. It is believed to have the
highest number of agents worldwide, close to 10,000. The most striking thing is that it is one of the
least funded intelligence agencies out of the top 10.
Mossad Israel
Formed : December 13, 1949 as the Central Institute for Coordination
Agency executive : Meir Dagan, Director
Parent agency : Office of the Prime Minister
The Mossad is responsible for intelligence collection and covert operations including paramilitary
activities. It is one of the main entities in the Israeli Intelligence Community, along with Aman
(military intelligence) and Shin Bet (internal security), but its director reports directly to the Prime
Minister. The list of its successes is long. Israel's intelligence agency is most famous for having taken
out a number of PLO operatives in retaliation for the attack that killed eleven Israeli athletes at the
1972 Olympic games in Munich. However, this agency has other successes to its name, including the
acquisition of a MiG-21 prior to the Six-Day war of 1967 and the theft of the plans for the Mirage 5
after the deal with France went sour. Mossad also assisted the United States in supporting Solidarity
in Poland during the 1980s.
MSS China
Jurisdiction : People's Republic of China
Headquarters : Beijing
Agency executive : Geng Huichang, Minister of State Security
Parent agency : State Council
Ministry of State Security is the security agency of the People's Republic of China. It is also probably
the Chinese government's largest and most active foreign intelligence agency, though it is also
involved in domestic security matters. Article 4 of the Criminal Procedure Law gives the MSS the
same authority to arrest or detain people as regular police for crimes involving state security with
identical supervision by the procuratorates and the courts. It is headquartered near the Ministry of
Public Security of the People's Republic of China in Beijing. According to Liu Fuzhi, Secretary-General
of the Commission for Politics and Law under the Central Committee of the Communist Party
of China and Minister of Public Security, the mission of the MSS is to ensure the security of the state
through effective measures against enemy agents, spies, and counter-revolutionary activities designed
to sabotage or overthrow China's socialist system. One of the primary missions of the MSS is
undoubtedly to gather foreign intelligence from targets in various countries overseas. Many MSS
agents are said to have operated in the Greater China region (Hong Kong, Macau, and Taiwan) and to
have integrated themselves into the world's numerous overseas Chinese communities. At one point,
nearly 120 agents who had been operating under non-official cover in the U.S., Canada, Western and
Northern Europe, and Japan as businessmen, bankers, scholars, and journalists were recalled to
China, a fact that demonstrates the broad geographical scope of MSS agent coverage.
BND Germany
Formed : 1 April 1956
Agency executive : Gehlen Organization
Parent agency : Central Intelligence Group
The Bundesnachrichtendienst is the foreign intelligence agency of the German government, under the
control of the Chancellor's Office. The BND acts as an early warning system to alert the German
government to threats to German interests from abroad. It depends heavily on wiretapping and
electronic surveillance of international communications. It collects and evaluates information on a
variety of areas such as international terrorism, WMD proliferation and illegal transfer of technology,
organized crime, weapons and drug trafficking, money laundering, illegal migration and information
warfare. As Germany's only overseas intelligence service, the BND gathers both military and civil
intelligence.
FSB Russia
Formed : 3 April, 1995
Headquarters : Lubyanka Square
Preceding agency : KGB
The Federal Security Service of the Russian Federation (FSB) is the main domestic security agency of
the Russian Federation and the main successor agency of the Soviet-era Cheka, NKVD and KGB. The
FSB is involved in counter-intelligence, internal and border security, counter-terrorism, and
surveillance. Its headquarters are on Lubyanka Square, downtown Moscow, the same location as the
former headquarters of the KGB. All law enforcement and intelligence agencies in Russia work under
the guidance of FSB, if needed. For example, the GRU, spetsnaz and Internal Troops detachments of
Russian Ministry of Internal Affairs work together with the FSB in Chechnya. The FSB is responsible
for internal security of the Russian state, counterespionage, and the fight against organized crime,
terrorism, and drug smuggling. The number of FSB personnel and its budget remain state secrets,
although the budget was reported to jump nearly 40% in 2006.
DGSE France
Formed : April 2, 1982
Preceding agency : External Documentation and Counter-Espionage Service
Minister responsible : Hervé Morin, Minister of Defence
Agency executive : Erard Corbin de Mangoux, Director
Directorate General for External Security is France's external intelligence agency. Operating under
the direction of the French ministry of defence, the agency works alongside the DCRI (the Central
Directorate of Interior Intelligence) in providing intelligence and national security, notably by
performing paramilitary and counterintelligence operations abroad. The General Directorate for
External Security (DGSE) of France has a rather short history compared to other intelligence agencies
in the region. It was officially founded in 1982 from a multitude of prior intelligence agencies in the
country. Its primary focus is to gather intelligence from foreign sources to assist in military and
strategic decisions for the country. The agency employs more than five thousand people.
RAW India
Formed : 21 September 1968
ASIS Australia
Formed : 13 May 1952
Headquarters : Canberra, Australian Capital Territory, Australia
Minister responsible : The Hon. Stephen Smith MP, Minister for Foreign Affairs
Agency executive : Nick Warner, Director-General
Australian Secret Intelligence Service is the Australian government intelligence agency responsible
for collecting foreign intelligence, undertaking counter-intelligence activities and cooperation with
other intelligence agencies overseas. For more than twenty years, the existence of the agency was a
secret even from its own government. Its primary responsibility is gathering intelligence from mainly
Asian and Pacific interests using agents stationed in a wide variety of areas. Its main purpose, as with
most agencies, is to protect the country's political and economic interests while ensuring safety for
the people of Australia against national threats.
______________________________
CHAPTER 4
Network systems and DNS working
______________________________
Computer Network
A computer network is a group of computer systems and other computing hardware devices that are
linked together through communication channels to facilitate communication and resource-sharing
among a wide range of users. Networks are commonly categorized based on their characteristics.
One of the earliest examples of a computer network was a network of communicating computers that
functioned as part of the U.S. military's Semi-Automatic Ground Environment (SAGE) radar system.
In 1969, the University of California at Los Angeles, the Stanford Research Institute, the University of
California at Santa Barbara and the University of Utah were connected as part of the Advanced
Research Projects Agency Network (ARPANET) project. It is this network that evolved to become
what we now call the Internet.
Networks are used to:
Facilitate communication via email, video conferencing, instant messaging, etc.
Enable multiple users to share a single hardware device like a printer or scanner
Enable file sharing across the network
Allow for the sharing of software or operating programs on remote systems
Make information easier to access and maintain among network users
There are many types of networks, including:
Local Area Networks (LAN)
The computers are geographically close together (that is, in the same building).
Wide Area Networks (WAN)
The computers are farther apart and are connected by telephone lines or radio waves.
Metropolitan Area Networks (MAN)
A data network designed for a town or city.
Home Area Networks (HAN)
A network contained within a user's home that connects a person's digital devices.
Intranet
An intranet is basically a network that is local to a company. In other words, users from within this
company can find all of their resources without having to go outside of the company. An intranet can
include LANs, private WANs and MANs.
Extranet
An extranet is an extended intranet, where certain internal services are made available to known
external users or external business partners at remote locations.
Internet
An internet is used when unknown external users need to access internal resources in your network. In
other words, your company might have a web site that sells various products, and you want any
external user to be able to access this service.
VPN
A virtual private network (VPN) is a special type of secured network. A VPN is used to provide a
secure connection across a public network, such as an internet. Extranets typically use a VPN to
provide a secure connection between a company and its known external users or offices.
Authentication is provided to validate the identities of the two peers.
Confidentiality provides encryption of the data to keep it private from prying eyes.
Integrity is used to ensure that the data sent between the two devices or sites has not been tampered
with.
Benefits of networking
There are many advantages to building a network, but the three big ones are:
File Sharing
By sharing files, you can view, modify, and copy files stored on a different computer on the network
just as easily as if they were stored on your computer.
Resource Sharing
Resources such as printers, fax machines, Storage Devices (HDD, FDD and CD Drives), Webcam,
Scanners, Modem and many more devices can be shared.
Program Sharing
Just as you can share files on a network, you can often also share programs on a network. For example,
if you have the right type of software license, you can have a shared copy of Microsoft Office, or
some other program, and keep it on the network server, from where it is also run.
Network Host
A network host (or simply referred to as a host) can be any computer or network device connected to
the computer network. This computer can be a terminal or a web server offering services to its
clients.
Network Protocol
A network protocol (or just referred to as protocol) is a set of rules and conventions that are
necessary for the communication between two network devices. For example, two computers on a
network can communicate only if they agree to follow the protocols.
The following are some of the most widely referred network protocols:
Types of IP Address
Private IP Address: A private IP address is the one that is assigned to a computer on the Local Area
Network (LAN). A typical example of private IP address would be something like: 192.168.0.4
Public IP Address: A public IP address is the one that is assigned to a computer connected to the
Internet. An example public IP address would be something like: 59.93.115.119
In most cases a computer gets connected to the ISP network using a private IP. Once a computer is on
the ISP network it will be assigned a public IP address using which the communication with the
Internet is made possible.
Finding your public IP is extremely simple. Just type "what is my IP" on Google to see your public IP
address displayed in search results.
In order to find your private IP, just open the command prompt window (type cmd in the Run box)
and enter the following command:
ipconfig /all
This will display a long list of details about your computer's network devices and their configuration.
To see your private IP address, just scroll down to find the entry labelled "IPv4 Address", which is
your private IP.
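The check described above can be automated. The following is an added example, not part of the original book: it pulls every "IPv4 Address" entry out of ipconfig output and says whether it is private or public. The sample output, adapter names and function names are constructed for illustration; only the two addresses come from this chapter.

```python
import ipaddress
import re

# RFC 1918 ranges: what this chapter calls a "private IP address".
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# RFC 6598 shared address space, used by ISPs between customer and NAT.
CGNAT = ipaddress.ip_network("100.64.0.0/10")

# Matches e.g. "   IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)"
IPV4_LINE = re.compile(r"^\s+IPv4 Address[ .]*:\s*(\d{1,3}(?:\.\d{1,3}){3})")


def classify(addr):
    """Return the address class; raises ValueError for a malformed address."""
    ip = ipaddress.IPv4Address(addr)
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:          # 169.254.0.0/16, self-assigned when DHCP fails
        return "link-local"
    if any(ip in net for net in RFC1918):
        return "private"
    if ip in CGNAT:
        return "carrier-grade NAT"
    if ip.is_global:
        return "public"
    return "reserved"


def ipv4_from_ipconfig(text):
    """Return (adapter, address, class) for each IPv4 Address line."""
    results = []
    adapter = None
    for line in text.splitlines():
        # Adapter headings start in column 0 and end with a colon.
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            adapter = line.rstrip()[:-1]
            continue
        match = IPV4_LINE.match(line)
        if match:
            addr = match.group(1)
            try:
                kind = classify(addr)
            except ValueError:    # e.g. an octet above 255
                kind = "invalid"
            results.append((adapter, addr, kind))
    return results


# Constructed sample of `ipconfig /all` output (not captured from a real host).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Ethernet:

   Description . . . . . . . . . . . : Example Gigabit Adapter
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1

PPP adapter Broadband Connection:

   IPv4 Address. . . . . . . . . . . : 59.93.115.119(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
"""

if __name__ == "__main__":
    for adapter, addr, kind in ipv4_from_ipconfig(SAMPLE_IPCONFIG):
        print(f"{adapter}: {addr} is {kind}")
```

An adapter that shows a public address is directly reachable from the Internet, so it is the one to check first for exposed services.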
Telnet
Telnet is a network protocol that allows you to connect to remote hosts on the Internet or on a local
network. It requires telnet client software, which implements the protocol and establishes the
connection with the remote computer.
In most cases telnet requires you to have a username and a password to establish connection with the
remote host. Occasionally, some hosts also allow users to make connection as a guest or public.
After the connection is made, one can use text based commands to communicate with the remote host.
The syntax for using the telnet command is as follows:
telnet <hostname or IP> port
WWW
The World Wide Web (abbreviated as WWW or W3, and commonly known as the Web) is a system
of interlinked hypertext documents accessed via the Internet. With a web browser, one can view web
pages that may contain text, images, videos, and other multimedia, and navigate between them via
hyperlinks.
It is the collection of internet resources (such as FTP, telnet, Usenet), hyperlinked text, audio, and
video files, and remote sites that can be accessed and searched by browsers based on standards such
as HTTP and TCP/IP.
Developed by SSH Communications Security Ltd., Secure Shell is a program to log into another
computer over a network, to execute commands in a remote machine, and to move files from one
machine to another. It provides strong authentication and secure communications over insecure
channels. It is a replacement for rlogin, rsh, rcp, and rdist.
SSH protects a network from attacks such as IP spoofing, IP source routing, and DNS spoofing.
An attacker who has managed to take over a network can only force ssh to disconnect. He or she
cannot play back the traffic or hijack the connection when encryption is enabled.
When using ssh's slogin (instead of rlogin) the entire login session, including transmission of
password, is encrypted; therefore it is almost impossible for an outsider to collect passwords.
SSH port forwarding allows you to establish a secure SSH session and then tunnel TCP connections
through it. It works by opening a connection to forward a local port to a remote port over SSH.
The client software (e.g. your e-mail client) is then set to connect to the local port. With SSH port
forwarding passwords are sent over an encrypted connection. Also called SSH tunneling.
Network Port
A computer may be running several services such as HTTP (web server), SMTP, FTP and so on.
Each of these services is uniquely identified by a number called a network port (or simply a
port). If a computer wants to use a specific service on another computer, it has to establish a
connection to it on the exact port number where the intended service is running.
For example, if a terminal is to request a web document from a remote server using HTTP, it has to
first establish a connection with the remote server on port 80 (HTTP service runs on port 80) before
placing the request.
In simple words, port numbers can be compared to door numbers where each door grants access to a
specific service on a computer.
List of Well-Known Ports
Port Number   Description
1             TCP Port Service Multiplexer (TCPMUX)
5             Remote Job Entry (RJE)
7             ECHO
18            Message Send Protocol (MSP)
20            FTP -- Data
21            FTP -- Control
22            SSH Remote Login Protocol
23            Telnet
25            Simple Mail Transfer Protocol (SMTP)
29            MSG ICP
37            Time
42            Host Name Server (Nameserv)
43            WhoIs
49            Login Host Protocol (Login)
53            Domain Name System (DNS)
69
70
79
80
103
108
109
110
115
118
119
137
139
143
150
156
161
179
190
194
197
389
396
443
444
445
458
546
547
563
569
1080
A port number is a way to identify a specific process to which an Internet or other network
message is to be forwarded when it arrives at a server. For the Transmission Control Protocol and
the User Datagram Protocol, a port number is a 16-bit integer that is put in the header appended
to a message unit. This port number is passed logically between client and server transport layers
and physically between the transport layer and the Internet Protocol layer and forwarded on.
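To make the 16-bit header field concrete, the following added example (not from the book) packs and parses the 8-byte UDP header and hands each datagram to the handler bound to its destination port. The TransportLayer class, the handlers and the sample datagrams are constructed for illustration.

```python
import struct

# UDP header: source port, destination port, length, checksum.
# Each field is a 16-bit unsigned integer in network byte order.
UDP_HEADER = struct.Struct("!HHHH")


def build_datagram(src_port, dst_port, payload):
    """Prefix payload with a UDP header (checksum 0 means 'not computed' in IPv4)."""
    for port in (src_port, dst_port):
        if not 0 <= port <= 0xFFFF:
            raise ValueError(f"port {port} does not fit in 16 bits")
    length = UDP_HEADER.size + len(payload)
    return UDP_HEADER.pack(src_port, dst_port, length, 0) + payload


def parse_datagram(datagram):
    """Return (source port, destination port, payload), rejecting malformed input."""
    if len(datagram) < UDP_HEADER.size:
        raise ValueError("truncated header")
    src, dst, length, _checksum = UDP_HEADER.unpack_from(datagram)
    if length < UDP_HEADER.size or length > len(datagram):
        raise ValueError("length field disagrees with the data received")
    return src, dst, datagram[UDP_HEADER.size:length]


class TransportLayer:
    """Hypothetical stand-in for the part of the OS that maps ports to processes."""

    def __init__(self):
        self._bound = {}  # port number -> handler (the 'process' behind the door)

    def bind(self, port, handler):
        if port in self._bound:
            raise OSError(f"port {port} already in use")
        self._bound[port] = handler

    def deliver(self, datagram):
        """Demultiplex on the destination port; reply with the ports swapped."""
        src, dst, payload = parse_datagram(datagram)
        handler = self._bound.get(dst)
        if handler is None:
            return None  # nothing listening: the port is closed
        return build_datagram(dst, src, handler(payload))


if __name__ == "__main__":
    layer = TransportLayer()
    layer.bind(7, lambda payload: payload)  # ECHO service from the table above
    request = build_datagram(40000, 7, b"hello")  # constructed sample datagram
    print(request[:4].hex())                      # the two port fields on the wire
    print(parse_datagram(layer.deliver(request)))
```
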
DNS is basically a large database, residing on various computers, that contains the names and IP
addresses of various hosts/domains. Besides IP addresses, DNS also associates various other
information with domain names.
Structure of a DNS
DNS uses a hierarchical, tree-based name structure. At the top of the tree is the root (represented as a
dot (.) ) followed by the TLD ( Top Level Domain ), then by the domain name and any number of
lower-level sub-domains separated by dots.
The following shows a sample representation of the structure of the DNS tree:
The Authority for the root domain and gTLD lies with Internet Corporation for Assigned Numbers and
Names (ICANN). ccTLDs are delegated to individual countries for administration purpose. Each
level in the hierarchy may delegate the authoritative control to the next lower level. There is a DNS
server running in every level of the hierarchy and the responsibility of running the DNS server lies
with the Authority at that level.
For example, when the root domain gets a DNS query for www.example.com, the root will delegate
responsibility for resolving it to its lower level, .com, which in turn will delegate to example.
Finally, the DNS server for example will respond with the IP address of the hostname www.
A zone is simply a portion of a domain. For example, the domain example.com may contain all the
information for a.example.com, b.example.com and c.example.com. However, the zone example.com
contains only information for example.com and delegates the responsibility to the authoritative name
servers for the subdomains. In general, if there are no subdomains, then the zone and domain are
essentially the same.
Resource Records
A DNS zone database is made up of a collection of resource records. Each resource record specifies
information about a particular object. The DNS server uses these records to answer queries for hosts
in its zone. For example, address mapping (A) records map a host name to an IP address, and
reverse-lookup pointer (PTR) records map an IP address to a host name. Here are some of the commonly
used resource records.
A Record: The A record specifies the IP address of a host. A record will have the details of the
domain name and its associated IP address. When a Query is given to resolve domain name, DNS
server will refer the A record and answer with the IP address present in the record.
PTR Record: A PTR record maps the IP address to a specific host.
NS Record: An NS record or name server record maps a domain name to a list of DNS servers
authoritative for that domain. Delegations depend on NS records.
MX Record: An MX record or mail exchange record maps a domain name to a list of mail exchange
servers for that domain. For example, when you send a mail to [email protected], the mail will be
routed to the Mail Server as specified in MX record.
DNS Queries
A DNS query would be something like "what is the IP address of a.example.com?". A DNS server may
receive such a query for any domain, including one about which it has no information. The DNS server
can respond in different ways to a query about which it has no information.
The following are the three types of DNS queries:
1. Recursive query
2. Iterative query
3. Inverse query
In a recursive query, the following steps are involved when a host queries its local DNS server for
a.example.com:
1. The host sends the query "what is the IP address of a.example.com?" to its locally configured DNS
server.
2. The DNS server looks up a.example.com in its local tables and does not find it.
3. The DNS server sends a query to a root server for the IP address of a.example.com.
4. The root server replies with a referral to the TLD servers for .com.
5. The DNS server sends the query "what is the IP address of a.example.com?" to one of the .com TLD
servers.
6. The TLD server replies with a referral to the name servers for example.com.
7. The DNS server sends the query "what is the IP address of a.example.com?" to a name server for
example.com.
8. The zone file defines an A record which shows that a's IP address is x.x.x.x.
9. The DNS server returns the A record for a.
In an iterative query, if the DNS server doesn't know the answer, it will refer the client to another
DNS server in its response. The client which initiated the query will then contact the DNS server that
came in the response.
In Inverse query, an IP address will be provided and a hostname will be asked.
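The delegation walk described above, as an added example that is not part of the book: a small offline model in which each name server either answers from its own zone or returns a referral, and a recursive resolver follows the referrals on the host's behalf. The NameServer and RecursiveResolver classes, the zone contents and the 192.0.2.x addresses are constructed; the reverse lookup is modelled the way it is done in practice, as a PTR query under in-addr.arpa.

```python
class NameServer:
    """Authoritative server for one zone: its own records plus delegations to child zones."""

    def __init__(self, zone, records=None, delegations=None):
        self.zone = zone                      # "" stands for the root zone
        self.records = records or {}          # (name, record type) -> list of values
        self.delegations = delegations or {}  # child zone name -> NameServer

    def query(self, name, rtype):
        """Iterative behaviour: answer from local data or refer the asker onward."""
        # Try the most specific delegation first.
        for child in sorted(self.delegations, key=len, reverse=True):
            if name == child or name.endswith("." + child):
                return ("referral", child, self.delegations[child])
        if (name, rtype) in self.records:
            return ("answer", self.records[(name, rtype)], None)
        return ("nxdomain", None, None)


class RecursiveResolver:
    """The 'locally configured DNS server': chases referrals and caches answers."""

    def __init__(self, root, max_referrals=10):
        self.root = root
        self.max_referrals = max_referrals  # guards against referral loops
        self.cache = {}
        self.trace = []                     # human-readable record of each step

    def resolve(self, name, rtype="A"):
        name = name.rstrip(".").lower()
        key = (name, rtype)
        if key in self.cache:
            self.trace.append(f"cache hit for {name} {rtype}")
            return self.cache[key]
        server = self.root
        for _ in range(self.max_referrals):
            kind, data, next_server = server.query(name, rtype)
            label = server.zone or "."
            if kind == "referral":
                self.trace.append(f"{label} -> referral to {data}")
                server = next_server
            elif kind == "answer":
                self.trace.append(f"{label} -> answer {data}")
                self.cache[key] = data
                return data
            else:
                self.trace.append(f"{label} -> no such record")
                return []
        raise RuntimeError("too many referrals (possible delegation loop)")


def reverse_name(ipv4):
    """Name under which the PTR record for an IPv4 address is stored."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa"


def build_sample_tree():
    """Constructed sample data: root -> com -> example.com -> b.example.com."""
    sub = NameServer("b.example.com", {("www.b.example.com", "A"): ["192.0.2.20"]})
    example = NameServer(
        "example.com",
        {("a.example.com", "A"): ["192.0.2.10"],
         ("example.com", "MX"): ["mail.example.com"],
         ("mail.example.com", "A"): ["192.0.2.25"]},
        {"b.example.com": sub},  # the zone delegates this subdomain
    )
    com = NameServer("com", delegations={"example.com": example})
    reverse = NameServer(
        "in-addr.arpa", {("10.2.0.192.in-addr.arpa", "PTR"): ["a.example.com"]})
    return NameServer("", delegations={"com": com, "in-addr.arpa": reverse})


if __name__ == "__main__":
    resolver = RecursiveResolver(build_sample_tree())
    resolver.resolve("a.example.com")
    resolver.resolve("www.b.example.com")
    resolver.resolve(reverse_name("192.0.2.10"), "PTR")
    print("\n".join(resolver.trace))
```

The lookup for www.b.example.com shows the zone/domain distinction: the example.com server holds no record for it and refers the resolver to the server for the delegated zone.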
Proxy server
A proxy server is a server (a computer system or an application) that acts as an intermediary for
requests from clients seeking resources from other servers.
A client connects to the proxy server, requesting some service, such as a file, connection, web page,
or other resource available from a different server and the proxy server evaluates the request as a
way to simplify and control its complexity.
Proxies were invented to add structure and encapsulation to distributed systems.
Today, most proxies are web proxies, facilitating access to content on the World Wide Web and
providing anonymity.
Communication between two computers (shown in grey) connected through a third computer
(shown in red) acting as a proxy. Bob does not know whom the information is going to, which is
why proxies can be used to protect privacy.
This type of proxy server does not identify itself as a proxy server and does not make available the
original IP address. High anonymity proxies only include the REMOTE_ADDR header with the IP
address of the proxy server, making it appear that the proxy server is the client.
Transparent Proxy
An example of a transparent proxy would be a server that simply forwards your request to the
resource that you want without concealing any of your information. This may be used in the
workplace, where the IP address of the request is revealed to the server being requested from but
where the proxy provides access to the resource for a multitude of computers within the network.
Transparent proxies are generally not what people are looking for when they go shopping for proxy
server access online.
Reverse Proxy
A reverse proxy server is generally used to pass requests from the Internet, through a firewall to
isolated, private networks. It is used to prevent Internet clients from having direct, unmonitored
access to sensitive data residing on content servers on an isolated network, or intranet. If caching is
enabled, a reverse proxy can also lessen network traffic by serving cached information rather than
passing all requests to actual content servers.
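How a server can tell the proxy types described above apart, and decide which client address to log, shown as an added example that is not from the book. REMOTE_ADDR is the variable named above; HTTP_VIA and HTTP_X_FORWARDED_FOR are the CGI-style names of the standard Via and X-Forwarded-For headers, and the function names, sample requests and trusted-proxy list are constructed.

```python
import ipaddress


def parse_ip(text):
    """Return the normalized address, or None if text is not an IP address."""
    try:
        return str(ipaddress.ip_address(text.strip()))
    except ValueError:
        return None


def classify_request(environ):
    """Label a request by what its headers disclose about an intermediary."""
    if environ.get("HTTP_X_FORWARDED_FOR", "").strip():
        return "transparent"   # proxy passes on an address for the original client
    if environ.get("HTTP_VIA", "").strip():
        return "anonymous"     # proxy announces itself but withholds the client address
    # Only REMOTE_ADDR is present: a direct client and a high anonymity proxy
    # look identical from the headers alone.
    return "direct-or-high-anonymity"


def client_address(environ, trusted_proxies=()):
    """Address to record in logs or use for access control.

    X-Forwarded-For is supplied by the sender, so it is believed only when the
    TCP peer (REMOTE_ADDR) is one of our own proxies. The list is then read
    from right to left, skipping our proxies; the first other hop is the client.
    """
    trusted = {str(ipaddress.ip_address(p)) for p in trusted_proxies}
    peer = parse_ip(environ.get("REMOTE_ADDR", ""))
    if peer is None:
        raise ValueError("REMOTE_ADDR missing or malformed")
    if peer not in trusted:
        return peer  # header content from an unknown peer is ignored
    hops = [h for h in environ.get("HTTP_X_FORWARDED_FOR", "").split(",") if h.strip()]
    for hop in reversed(hops):
        addr = parse_ip(hop)
        if addr is None:
            break    # malformed entry: stop trusting the header
        if addr not in trusted:
            return addr
    return peer


# Constructed sample requests; all addresses come from documentation ranges.
SAMPLE_REQUESTS = {
    "direct": {"REMOTE_ADDR": "203.0.113.7"},
    "via_only": {"REMOTE_ADDR": "198.51.100.1", "HTTP_VIA": "1.1 proxy.example"},
    "behind_our_reverse_proxy": {
        "REMOTE_ADDR": "198.51.100.1",
        "HTTP_VIA": "1.1 proxy.example",
        "HTTP_X_FORWARDED_FOR": "10.9.9.9, 203.0.113.7",  # left entry is sender-supplied
    },
    "spoofed_header": {
        "REMOTE_ADDR": "203.0.113.7",
        "HTTP_X_FORWARDED_FOR": "10.0.0.1",
    },
}

if __name__ == "__main__":
    for label, env in SAMPLE_REQUESTS.items():
        print(label, classify_request(env),
              client_address(env, trusted_proxies=["198.51.100.1"]))
```
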
___________________________________
CHAPTER 5
Various Types of Hacking attacks
___________________________________
Active attacks
An active attack is a network exploit in which a hacker attempts to make changes to data on the target
or data en route to the target.
Passive Attack
A passive attack is a network attack in which a system is monitored and sometimes scanned for open
ports and vulnerabilities. The purpose is solely to gain information about the target and no data is
changed on the target.
Passive attacks include active reconnaissance and passive reconnaissance.
In passive reconnaissance, an intruder monitors systems for vulnerabilities without interaction,
through methods like session capture.
In active reconnaissance, the intruder engages with the target system through methods like port
scans.
to a network or system.
An intruder might masquerade as an authorized network user and spy without interaction. With that
access, an intruder might monitor network traffic by setting the network adapter to promiscuous mode.
_____________________
CHAPTER 6
Hacking Tools
_____________________
HACKING TOOLS
A hacking tool is a program designed to assist with hacking, or a piece of software which
can be used for hacking purposes.
Examples include Nmap, Nessus, John the Ripper, p0f, and Winzapper.
Bribes have also been described as among the most potent hacking tools, due to their
potential exploitation in social engineering attacks. Occasionally, common software such
as ActiveX is exploited as a hacking tool as well.
Hacking tools such as Cain and Abel, however, are well known as Script Kiddie Tools.
Script kiddies are people who follow instructions from a manual, without realising how it
happens. These Script Kiddies have been an enormous threat to computer security as
there are many hacking tools and keyloggers up for download which are free.
Ophcrack
Medusa
RainbowCrack
Wfuzz
Brutus
L0phtCrack
Fgdump
THC Hydra
Aircrack-ng
Kismet
InSSIDer
KisMAC
Firesheep
Airjack
KARMA
NetStumbler
WepLab
Nmap
Nmap, or Network Mapper, is a free open source utility for network discovery and security
auditing. It is a flexible, powerful, portable and easy-to-use tool that is supported by
most operating systems, such as Linux, Windows, Solaris, Mac OS and others.
SuperScan
It is a multi-functional application that is designed for scanning TCP ports. It is also a pinger and
address resolver. It also has useful features like ping, traceroute, WhoIs and HTTP request. There is
no need for installation as it is a portable application.
Angry IP Scanner
It is a fast port and IP address scanner. It is a lightweight and cross-platform application that has the
capacity to scan IP addresses in any range as well as their ports. It simply pings each IP address.
Packet Crafting to Exploit Firewall Weaknesses
Through the packet crafting technique, an attacker capitalizes on your firewall's vulnerabilities. Here
are some packet crafting tools.
Hping
Scapy
Netcat
Yersinia
Nemesis
Socat
Splunk
If you want to convert your data into powerful insights Splunk tools are the best options for you. The
Splunk tools are the leading platforms for operational intelligence. It can collect any type of data from
any machine in real time.
Nagios
Nagios is the name for the industry standard in monitoring IT infrastructure. The Nagios tools help
you monitor your entire IT infrastructure and have the capability to detect problems well before they
occur. It can also detect security breaches and share data availability with stakeholders.
P0f
It is a versatile passive tool that is used for OS fingerprinting. This passive tool works well in both
Linux and Windows operating systems. It has the capability to detect the hooking up of the remote
system whether it is Ethernet, DSL or OC3.
Ngrep
Ngrep, or network grep, is a pcap-aware tool that allows you to specify extended regular or
hexadecimal expressions to match against the data payloads of packets. It can recognize IPv4/6, UDP,
TCP, Ethernet, SLIP, PPP, FDDI and many others.
Wireshark
Tcpdump
Ettercap
Dsniff
EtherApe
Paros
Fiddler
Ratproxy
Sslstrip
Netfilter
Skipfish
Wfuzz
Wapiti
W3af
Forensics
These tools are used for computer forensics, especially to sniff out any trace of evidence existing in a
particular computer system. Here are some of the most popular.
Sleuth Kit
It is an open source digital intervention or forensic tool kit. It runs on varied operating systems
including Windows, Linux, OS X and many other Unix systems. It can be used for analyzing disk
images along with in-depth analysis of file system like FAT, Ext3, HFS+, UFS and NTFS.
Helix
This is a Linux based incident response system. It is also used in system investigation and analysis
along with data recovery and security auditing. The most recent version of this tool is based on
Ubuntu that promises ease of use and stability.
Maltego
It is an open source forensic and intelligence application. It can be used for gathering information in
all phases of security related work. It saves you time and money by performing the task on time in
smarter way.
Encase
Encase is the fastest and most comprehensive network forensic solution available in the market. It is
created following the global standard of forensic investigation software. It has the capability of
quickly gathering data from wide variety of devices.
Debuggers to Hack Running Programs
These tools are utilized for reverse engineering binary files for writing exploits and analyzing
malware.
GDB
Immunity Debugger
Netcat
Traceroute
Ping.eu
Dig
CURL
Backtrack 5r3
This operating system is built keeping the most savvy security personnel in mind as audience. This is
also a useful tool even for the early newcomers in the information security field. It offers quick and
easy way to find and also update the largest database available for the security tools collection till
date.
Kali Linux
This is a creation of the makers of BackTrack. This is regarded as the most versatile and advanced
penetration testing distribution ever created. The documentation of the software is built in an easy
format to make it the most user friendly. It is one of the must-have tools for ethical hackers that is
making a buzz in the market.
SELinux
Security Enhanced Linux or SELinux is an upstream repository that is used for various userland tools
and libraries. There are various capabilities like policy compilation, policy management and policy
development which are incorporated in this utility tool along with SELinux services and utilities. The
user can get the software as a tested release or from the development repository.
Knoppix
The website of Knoppix offers a free open source live Linux CD. The CD and DVD that is available
contain the latest and recent updated Linux software along with desktop environments. This is one of
the best tools for the beginners and includes programs like OpenOffice.org, Mozilla, Konqueror,
Apache, MySQL and PHP.
BackBox Linux
It is a Linux distribution that is based on Ubuntu. If you want to perform security assessment and
penetration tests, this software is the one that you should have in your repository. It proactively
protects the IT infrastructure. It has the capability to simplify the complexity of your IT infrastructure
with ease as well.
Pentoo
It is a security-focused live CD that is created based on Gentoo. It has a large number of customized
tools and kernels including a hardened kernel consisting of aufs patches. It can backport Wi-Fi stack
from the latest kernel release that is stable as well. There are development tools in Pentoo that have
Cuda/OPENCL cracking.
Matriux Krypton
If you are looking for a distro to be used in penetration testing and cyber forensic investigation, then
Matriux Krypton is the name that you can trust. This is a Debian based GNU/Linux security
distribution. It has more than 340 powerful tools for penetration testing and forensics; additionally, it
contains custom kernel 3.9.4.
NodeZero
This is regarded as the specialist tool that is specifically designed for security auditing and
penetration testing. It is a reliable, stable and powerful tool to be used for this purpose and is based
on the current Ubuntu Linux distribution. It is a free and open source system that you can download
from the website.
Blackbuntu
It is a free and open source penetration testing distribution available over the internet. It is based on
Ubuntu 10.10, which is designed specifically for the information security training students and
professionals. It is fast and stable yet a powerful tool that works perfectly for you. This software is a
recommendation from most of the users.
WEAKERTH4N
It's a great pentesting distro comprising some innovative pentesting tools. The software uses
Fluxbox and is built using Debian Squeeze. One of its popular features is its ability to hack old
Android based systems.
Bugtraq
It is one of the most stable and comprehensive distributions. It offers stable and optimal
functionalities with a stable manager in real-time. It is based upon the 3.2 and 3.4 generic kernels and is
available in both 32 and 64 bits. Bugtraq has a wide range of tools in various branches of the kernel.
The features of the distribution vary as per your desktop environment.
DEFT
DEFT is a distribution that is created for computer forensics. It can run in live stream on the system
without corrupting the device. The system is based on GNU/Linux and the user can run this live using
CD/DVD or USB pendrive. DEFT is now paired with DART, which is a forensic system.
Helix
There are various versions of Helix released by e-fense that are useful for both home and business
use. The Helix3 Enterprise is a cyber-security solution offered by this organization that provides
incident response. It throws live response and acquires volatile data. Helix3 Pro is the newest
version in the block of Helix family products.
Encryption Tools
Times are changing and spying has become a common phenomenon everywhere. There have been
increasing instances where even the governments have been found to be spying on their citizens from
time to time. This is one of the prime reasons why the importance of Encryption has increased
manifold. Encryption tools are very important because they keep the data safe by encrypting it so that
even if someone accesses the data, they can't get through the data unless they know how to decrypt the
data. These tools use algorithm schemes to encode the data to prevent unauthorized access to the
encrypted data.
Some of the popular Encryption Tools will be listed below:
TrueCrypt
TrueCrypt is an open source encryption tool which can encrypt a partition in the Windows environment
(except Windows 8); it is equipped for creating a virtual encrypted disk in a file. Moreover, it has the
capability to encrypt the complete storage device. TrueCrypt can run on different operating systems
like Linux, Microsoft Windows and OSX. TrueCrypt stores the encryption keys in the RAM of the
computer.
OpenSSH
OpenSSH is the short name for Open Secure Shell and is a free software suite which is used to make
your network connections secured. It uses the SSH protocol to provide encrypted communication
sessions in a computer network. It was designed originally as an alternative to the Secure Shell
Software developed by SSH Communications Security. The tool was designed as a part of the
OpenBSD project.
PuTTY
It is an open source encryption tool available on both UNIX and Windows operating systems. It is a free
implementation of SSH (Secure Shell) and Telnet for both Windows as well as UNIX. The beauty of
this tool is that it supports many network protocols like Telnet, SCP, rlogin, SSH and raw socket
connection. The word PuTTY has no specific meaning, however as in UNIX tradition, tty is a
terminal name.
OpenSSL
OpenSSL is an open source encryption tool which implements the TLS and SSL protocols.
OpenSSL's core library is written in the C programming language. The fundamental cryptographic
functions are implemented by it. OpenSSL versions are available for operating systems like UNIX,
Solaris, Linux and Mac OS X. The project was undertaken in 1988 with the objective of inventing
free encryption tools for the programs being used on the internet.
Tor
Tor is a free encryption tool and has the capability to provide online anonymity as well as censorship
resistance. Internal traffic is directed through a free network which consists of more than five
thousand relays so that the user's actual location can be hidden. It is difficult to track the Internet
activities like visiting web sites and instant messages; the most important goal of this tool is to ensure
the personal privacy of the users.
OpenVPN
It is an open source tool for the implementation of virtual private network techniques so that secured
site-to-site or point-to-point connections using routers or bridges are possible, also remote access is
possible. OpenVPN offers the users a secured authentication process by using secret keys which are
pre-shared.
Stunnel
Stunnel is a multi-platform open source tool which is used to ensure that both the clients and the
servers get secured encrypted connections. This encryption software can operate on a number of
operating system platforms like Windows as well as all operating systems which are UNIX-like.
Stunnel depends upon a distinct library like SSLeay or OpenSSL to implement the protocols (SSL or
TLS).
KeePass
KeePass is a free, open source password management tool for Microsoft Windows, with
unofficial ports for operating systems such as iOS, Linux, Android, Mac OS X and Windows
Phone. All the usernames, passwords and all other fields are stored by KeePass in a secured
encrypted database. This database in turn is protected by a single password.
Snort
NetCop
Metasploit
Sqlmap
Sqlninja
NetSparker
BeEF
Dradis
Vulnerability Scanners
The scanners which assess the vulnerability of a network or a computer to security attacks are known
as Vulnerability Scanners. The tools might function differently, however all of them aim to provide an
analysis on how vulnerable the system or a network is. Here is a list of the best ones:
Nessus
OpenVAS
Nipper
Secunia PSI
Retina
QualysGuard
Nexpose
Burp Suite
Webscarab
Websecurify
Nikto
W3af
___________________________
CHAPTER 7
Malware : A Hacker's Henchman
___________________________
Malware
Malware, short for malicious software, is any software used to disrupt computer operation, gather
sensitive information, or gain access to private computer systems.
Malware is defined by its malicious intent, acting against the requirements of the computer user, and
does not include software that causes unintentional harm due to some deficiency. The term badware is
sometimes used, and applied to both true (malicious) malware and unintentionally harmful software.
Types of Malware
Adware
Adware (short for advertising-supported software) is a type of malware that automatically delivers
advertisements. Common examples of adware include pop-up ads on websites and advertisements
that are displayed by software. Software and applications often offer free versions that come
bundled with adware. Most adware is sponsored or authored by advertisers and serves as a revenue
generating tool.
While some adware is solely designed to deliver advertisements, it is not uncommon for adware to
come bundled with spyware that is capable of tracking user activity and stealing information. Due to
the added capabilities of spyware, adware/spyware bundles are significantly more dangerous than
adware on its own.
Spyware
Spyware is a type of malware that functions by spying on user activity without their knowledge.
These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting
(account information, logins, financial data), and more. Spyware often has additional capabilities as
well, ranging from modifying security settings of software or browsers to interfering with network
connections. Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate
software or in Trojans.
Bot
Bots are software programs created to automatically perform specific operations. While some bots
are created for relatively harmless purposes (video gaming, internet auctions, online contests, etc), it
is becoming increasingly common to see bots being used maliciously. Bots can be used in botnets
(collections of computers to be controlled by third parties) for DDoS attacks, as spambots that render
advertisements on websites, as web spiders that scrape server data, and for distributing malware
disguised as popular search items on download sites. Websites can guard against bots with
CAPTCHA tests that verify users as human.
Bug
In the context of software, a bug is a flaw that produces an undesired outcome. These flaws are usually
the result of human error and typically exist in the source code or compilers of a program. Minor bugs
only slightly affect a program's behaviour and, as a result, can go for long periods of time before
being discovered. More significant bugs can cause crashing or freezing. Security bugs are the most
severe type of bugs and can allow attackers to bypass user authentication, override access privileges,
or steal data. Bugs can be prevented with developer education, quality control and code analysis
tools.
Ransomware
Ransomware is a form of malware that essentially holds a computer system captive while demanding
a ransom. The malware restricts user access to the computer either by encrypting files on the hard
drive or locking down the system and displaying messages that are intended to force the user to pay
the malware creator to remove the restrictions and regain access to their computer. Ransomware
typically spreads like a normal computer worm (see below) ending up on a computer via a
downloaded file or through some other vulnerability in a network service.
Rootkit
A rootkit is a type of malicious software designed to remotely access or control a computer without
being detected by users or security programs. Once a rootkit has been installed it is possible for the
malicious party behind the rootkit to remotely execute files, access/steal information, modify system
configurations, alter software (especially any security software that could detect the rootkit), install
Trojan Horse
A Trojan horse, commonly known as a Trojan, is a type of malware that disguises itself as a normal
file or program to trick users into downloading and installing malware. A Trojan can give a
malicious party remote access to an infected computer. Once an attacker has access to an infected
computer, it is possible for the attacker to steal data (logins, financial data, even electronic money),
install more malware, modify files, monitor user activity (screen watching, keylogging, etc), use the
computer in botnets, and anonymise internet activity by the attacker.
Virus
A virus is a form of malware that is capable of copying itself and spreading to other computers.
Viruses often spread to other computers by attaching themselves to various programs and executing
code when a user launches one of those infected programs. Viruses can also spread through script
files, documents, and cross-site scripting vulnerabilities in web apps. Viruses can be used to steal
information, harm host computers and networks, create botnets, steal money, render advertisements,
and more.
Worm
Computer worms are among the most common types of malware. They spread over computer
networks by exploiting operating system vulnerabilities. Worms typically cause harm to their host
networks by consuming bandwidth and overloading web servers. Computer worms can also contain
payloads that damage host computers. Payloads are pieces of code written to perform actions on
affected computers beyond simply spreading the worm. Payloads are commonly designed to steal
data, delete files, or create botnets.
Computer worms can be classified as a type of computer virus, but there are several characteristics
that distinguish computer worms from regular viruses. A major difference is that computer worms
have the ability to self-replicate and spread independently while viruses rely on human activity to
spread (running a program, opening a file, etc). Worms often spread by sending mass emails with
infected attachments to users' contacts.
Key logger
A special kind of trojan that records the keyboard and/or mouse activity on a PC and relays the
information over the Internet to someone wishing to record passwords or other personal information.
Zombie Computer
A Trojan horse is used to plant malware on an unsuspecting PC owner's system that allows a remote
computer to use that system to send out spam or to perform other malicious tasks on the Internet
without the owner's knowledge.
Drive-by-Download
The automatic download of software to a user's computer triggered simply by visiting a Web site or
viewing an HTML formatted email. The download occurs without the user's consent and often
without any notice at all.
Scareware
Malware that pops up windows claiming your computer is infected and offers to clean it for a fee or
tries to get you to click a link that will install a trojan. The malware can come from a
drive-by-download or from a web page that has other malicious JavaScript on it.
Backdoors
A backdoor is a method of bypassing normal authentication procedures, usually over a connection to
a network such as the Internet. Once a system has been compromised, one or more backdoors may be
installed in order to allow access in the future, invisibly to the user.
The idea has often been suggested that computer manufacturers preinstall backdoors on their systems
to provide technical support for customers, but this has never been reliably verified. It was reported
in 2014 that US government agencies had been diverting computers purchased by those considered
"targets" to secret workshops where software or hardware permitting remote access by the agency
was installed, considered to be among the most productive operations to obtain access to networks
around the world. Backdoors may be installed by Trojan horses, worms, implants, or other methods.
Malware Symptoms
While these types of malware differ greatly in how they spread and infect computers, they all can
produce similar symptoms. Computers that are infected with malware can exhibit any of the following
symptoms:
Increased CPU usage
Slow computer or web browser speeds
Problems connecting to networks
Freezing or crashing
Modified or deleted files
Appearance of strange files, programs, or desktop icons
Programs running, turning off, or reconfiguring themselves (malware will often reconfigure
or turn off antivirus and firewall programs)
Strange computer behaviour
Emails/messages being sent automatically and without the user's knowledge (a friend receives a
strange email from you that you did not send)
Vulnerability to Malware
Security defects in software
Malware exploits security defects (security bugs or vulnerabilities) in the design of the operating
system, in applications (such as browsers, e.g. older versions of Microsoft Internet Explorer
supported by Windows XP), or in vulnerable versions of browser plugins such as Adobe Flash
Player, Adobe Acrobat or Reader, or Java.
Sometimes even installing new versions of such plugins does not automatically uninstall old versions.
Security advisories from plug-in providers announce security-related updates.
Common vulnerabilities are assigned CVE IDs and listed in the US National Vulnerability Database.
Secunia PSI is an example of software, free for personal use, that will check a PC for vulnerable
out-of-date software, and attempt to update it.
Malware authors target bugs, or loopholes, to exploit. A common method is exploitation of a buffer
overrun vulnerability, where software designed to store data in a specified region of memory does
not prevent more data than the buffer can accommodate being supplied.
Malware may provide data that overflows the buffer, with malicious executable code or data after the
end; when this payload is accessed it does what the attacker, not the legitimate software, determines.
Early PCs had to be booted from floppy disks; when built-in hard drives became common the
operating system was normally started from them, but it was possible to boot from another boot
device if available, such as a floppy disk, CD-ROM, DVD-ROM, or USB flash drive.
It was common to configure the computer to boot from one of these devices when available. Normally
none would be available; the user would intentionally insert, say, a CD into the optical drive to boot
the computer in some special way, for example to install an operating system. Even without booting,
computers can be configured to execute software on some media as soon as they become available,
e.g. to autorun a CD or USB device when inserted.
Malicious software distributors would trick the user into booting or running from an infected device
or medium; for example, a virus could make an infected computer add autorunnable code to any USB
stick plugged into it; anyone who then attached the stick to another computer set to autorun from USB
would in turn become infected, and also pass on the infection in the same way.
More generally, any device that plugs into a USB port, "including gadgets like lights, fans, speakers,
toys, even a digital microscope", can be used to spread malware. Devices can be infected during
manufacturing or supply if quality control is inadequate.
This form of infection can largely be avoided by setting up computers by default to boot from the
internal hard drive, if available, and not to autorun from devices. Intentional booting from another
device is always possible by pressing certain keys during boot.
Older email software would automatically open HTML email containing potentially malicious
JavaScript code; users may also execute disguised malicious email attachments and infected
executable files supplied in other ways.
code too many privileges, usually in the sense that when a user executes code, the system allows that
code all rights of that user. This makes users vulnerable to malware in the form of e-mail attachments,
which may or may not be disguised.
Homogeneity
When all computers in a network run the same operating system, a worm that can exploit one can
exploit them all. For example, Microsoft Windows or Mac OS X have such a large share of the
market that concentrating on either could enable an exploited vulnerability to subvert a large number
of systems.
Instead, introducing diversity, purely for the sake of robustness, could increase short-term costs for
training and maintenance. However, having a few diverse nodes could deter total shutdown of the
network as long as all the nodes are not part of the same directory service for authentication, and
allow those nodes to help with recovery of the infected nodes. Such separate, functional redundancy
could avoid the cost of a total shutdown, at the cost of increased complexity and reduced usability in
terms of single sign-on authentication.
Later in 2015, "BitWhisper", a Covert Signaling Channel between Air-Gapped Computers using
Thermal Manipulations was introduced. "BitWhisper" supports bidirectional communication and
requires no additional dedicated peripheral hardware.
Grayware
Grayware is a term applied to unwanted applications or files that are not classified as malware, but
can worsen the performance of computers and may cause security risks.
It describes applications that behave in an annoying or undesirable manner, and yet are less serious or
troublesome than malware. Grayware encompasses spyware, adware, fraudulent dialers, joke
programs, remote access tools and other unwanted programs that harm the performance of computers
or cause inconvenience. The term came into use around 2004.
Another term, PUP, which stands for Potentially Unwanted Program (or PUA, Potentially Unwanted
Application), refers to applications that would be considered unwanted despite often having been
downloaded by the user, possibly after failing to read a download agreement. PUPs include spyware,
adware, fraudulent dialers. Many security products classify unauthorised key generators as grayware,
although they frequently carry true malware in addition to their ostensible purpose.
Software maker Malwarebytes lists several criteria for classifying a program as a PUP.
__________________________
CHAPTER 8
Common Attacks and Viruses
__________________________
Identity Theft
Identity theft criminals come in all shapes and sizes these days. If you're ever unlucky enough to be a
victim of identity theft, the culprit is far more likely to be a local meth user than a professional
hacker. That said, most organized crime gangs around the world are becoming much more involved
in computer hacking. Computer identity theft can happen in a number of ways. Criminal organizations
can use their own hackers, hire college students, or simply buy large amounts of stolen information
from professional hackers. And the result is a spike in the number and size of reported data breaches
by hackers.
Hacking attacks can be launched in a number of ways:
Attacking computers that don't have firewalls installed.
Installing keystroke loggers or other malicious code by hiding it in email attachments.
Exploiting browser vulnerabilities that have not been properly patched.
Exploiting weak or poorly protected passwords.
Hiding malicious code in downloads or free software.
Hiding malicious code in images on websites and waiting for unsuspecting users to click on
them.
Employees or other trusted users simply accessing an unprotected computer.
Exploiting poorly installed networks, and especially wireless home networks.
First things first, your social security number isn't necessarily a magic ticket to your identity; it's
really more like a cheat code. If you know where, when, and how to use someone else's number, you
can effectively steal their identity and cause them significant hardship. Former public and now private
investigator Randy Barnhart explains how easy it is to gain a line of credit in someone else's name if
you know what to do:
Many retailers offer credit cards, most offer Visa and Master Card accounts as well. If I
have someone's social security number, all I have to do is complete a one page credit
application using the stolen SSN and hand it to a cashier that is 18-20 years old. The
cashier enters the SSN into their system and a line of credit is issued. Depending on the
victim's credit rating, the line of credit can be $1000 to $100,000. Usually the cashier
hands me a temporary shopping pass with a limited balance that I can use immediately.
If they have multiple identities, the thief can open several accounts and max out the
credit line very quickly.
Barnhart suggests that this would be simple to stop, as additional security checks would be required,
but this would involve the sacrifice of convenience, something we're not always eager to abandon.
It's also not the sort of thing retailers want to give up because they make a lot of money off of
providing you with a credit line.
Even still, that's just one example of the many problems that can arise from identity theft. We tend to
concentrate only on the monetary damage, but much more can occur. Matt Davis, a victim advisor for
the Identity Theft Resource Center, explains many of the other issues:
ID thieves can use a social security number to procure your medical benefits, social
security, unemployment, file false tax returns, and even pawn off their criminal charges
when they have run-ins with the law on you. The possibilities are limitless with the right
information and an informed thief. A credit report will not show you if anyone is running
up criminal charges as you, using your medical insurance to finance medical procedures,
or creating a fraudulent job history report by working under your information.
Basically, your identity is valuable to different kinds of people for different reasons. You might be
targeted for a line of credit or because an illegal immigrant needs "lawful" employment and health
care. Monitoring your credit report isn't enough. You need to pay attention to everything if you're
going to catch a thief.
Spoofing Attacks
A spoofing attack is when a malicious party impersonates another device or user on a network in
order to launch attacks against network hosts, steal data, spread malware or bypass access controls.
There are several different types of spoofing attacks that malicious parties can use to accomplish this.
Some of the most common methods include IP address spoofing attacks, ARP spoofing attacks and
DNS server spoofing attacks.
Nonblind spoofing: In this type of attack, the cracker resides on the same subnet as his
intended target, so by sniffing the wire for existing transmissions, he can understand an
entire sequence/acknowledge cycle between his target and other hosts (hence the cracker
isn't "blind" to the sequence numbers). Once the sequence is known, the attacker can hijack
sessions that have already been built by disguising himself as another machine, bypassing
any sort of authentication that was previously conducted on that connection.
the DoS target. In that case, all the transmissions are generally spoofed, making it very
difficult to track down the sources of the storm.
The Domain Name System (DNS) is a system that associates domain names with IP addresses.
Devices that connect to the internet or other private networks rely on the DNS for resolving URLs,
email addresses and other human-readable domain names into their corresponding IP addresses. In a
DNS server spoofing attack, a malicious party modifies the DNS server in order to reroute a specific
domain name to a different IP address. In many cases, the new IP address will be for a server that is
actually controlled by the attacker and contains files infected with malware. DNS server spoofing
attacks are often used to spread computer worms and viruses.
outside the network that show source addresses from inside the network and vice versa).
Avoid trust relationships: organisations should develop protocols that rely on trust
relationships as little as possible. It is significantly easier for attackers to run spoofing
attacks when trust relationships are in place because trust relationships only use IP
addresses for authentication.
Use spoofing detection software: There are many programs available that help
organisations detect spoofing attacks, particularly ARP spoofing. These programs work by
inspecting and certifying data before it is transmitted and blocking data that appears to be
spoofed.
Use cryptographic network protocols: Transport Layer Security (TLS), Secure Shell
(SSH), HTTP Secure (HTTPS) and other secure communications protocols bolster spoofing
attack prevention efforts by encrypting data before it is sent and authenticating data as it is
received.
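The packet-filtering rule and the ARP spoofing detection described in the list above can be expressed as two small checks. This is an added example, not code from the book; the network range, the "inside"/"outside" labels and the sample ARP observations are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumption: address range of the protected network (constructed for this example).
INTERNAL_NET = ipaddress.ip_network("192.168.10.0/24")

# Constructed ARP observations: (time, IP address, MAC address seen in the reply).
SAMPLE_ARP = [
    (1, "192.168.10.1", "00:11:22:33:44:55"),   # gateway, first seen
    (2, "192.168.10.20", "AA:BB:CC:00:00:20"),
    (3, "192.168.10.1", "aa:bb:cc:00:00:99"),   # gateway IP now claimed by another MAC
    (4, "192.168.10.20", "aa:bb:cc:00:00:20"),  # same host, only the letter case differs
    (5, "192.168.10.30", "aa:bb:cc:00:00:99"),
]


def filter_verdict(arrived_on, src_ip, internal_net=INTERNAL_NET):
    """Ingress/egress filtering: 'drop' a packet whose source address cannot
    legitimately appear on the side of the network it arrived from.

    arrived_on is 'outside' (entering from the internet side) or
    'inside' (leaving from the LAN side).
    """
    if arrived_on not in ("outside", "inside"):
        raise ValueError("arrived_on must be 'outside' or 'inside'")
    src_is_internal = ipaddress.ip_address(src_ip) in internal_net
    if arrived_on == "outside" and src_is_internal:
        return "drop"   # outside packet showing an inside source address
    if arrived_on == "inside" and not src_is_internal:
        return "drop"   # inside packet showing an outside source address
    return "pass"


def find_arp_conflicts(observations):
    """Report IP addresses whose MAC address differs from the first one seen.

    Returns a list of (ip, first_mac, conflicting_mac, time) alerts. The first
    binding is kept as the reference so repeated conflicting replies keep alerting.
    """
    first_seen = {}
    alerts = []
    for ts, ip, mac in observations:
        mac = mac.lower()
        if ip in first_seen and first_seen[ip] != mac:
            alerts.append((ip, first_seen[ip], mac, ts))
        else:
            first_seen.setdefault(ip, mac)
    return alerts


def macs_claiming_several_ips(observations):
    """Map each MAC address that answers for more than one IP to those IPs.

    Routers and proxies can do this legitimately, so treat it as a lead
    to investigate rather than proof of spoofing.
    """
    claimed = defaultdict(set)
    for _ts, ip, mac in observations:
        claimed[mac.lower()].add(ip)
    return {mac: sorted(ips) for mac, ips in claimed.items() if len(ips) > 1}


if __name__ == "__main__":
    for side, src in [("outside", "192.168.10.7"), ("inside", "203.0.113.5")]:
        print(side, src, filter_verdict(side, src))
    for alert in find_arp_conflicts(SAMPLE_ARP):
        print("ARP binding changed:", alert)
    print("MACs answering for several IPs:", macs_claiming_several_ips(SAMPLE_ARP))
```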
Phishing Attacks
Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an
attempt to gather personal and financial information from recipients. Typically, the messages appear
to come from well-known and trustworthy Web sites. Web sites that are frequently spoofed by
phishers include PayPal, eBay, MSN, Yahoo, BestBuy, and America Online. A phishing expedition,
like the fishing expedition it's named for, is a speculative venture: the phisher puts out the lure hoping to
fool at least a few of the prey that encounter the bait.
Fraudsters send fake emails or set up fake web sites that mimic Yahoo!'s sign-in pages (or the sign-in
pages of other trusted companies, such as eBay or PayPal) to trick you into disclosing your user name
and password. This practice is sometimes referred to as "phishing", a play on the word "fishing",
because the fraudster is fishing for your private account information. Typically, fraudsters try to
trick you into providing your user name and password so that they can gain access to an online
account. Once they gain access, they can use your personal information to commit identity theft,
charge your credit cards, empty your bank accounts, read your email, and lock you out of your online
account by changing your password.
If you receive an email (or instant message) from someone you don't know directing you to sign in to a
website, be careful! You may have received a phishing email with links to a phishing website. A
phishing website (sometimes called a "spoofed" site) tries to steal your account password or other
confidential information by tricking you into believing you're on a legitimate website. You could even
land on a phishing site by mistyping a URL (web address).
Is that website legitimate? Don't be fooled by a site that looks real. It's easy for phishers to create
websites that look like the genuine article, complete with the logo and other graphics of a trusted
website.
Important: If you're at all unsure about a website, do not sign in. The safest thing to do is to close and
then reopen your browser, and then type the URL into your browser's URL bar. Typing the correct
URL is the best way to be sure you're not redirected to a spoofed site.
with links to a fake phishing web site in order to make the spoof site appear more realistic.
And look for these other indicators that an email might not be trustworthy:
Spelling errors, poor grammar, or inferior graphics.
Requests for personal information such as your password, Social Security number,
or bank account or credit card number. Legitimate companies will never ask you to
verify or provide confidential information in an unsolicited email.
Attachments (which might contain viruses or keystroke loggers, which record what
you type).
Web browsers such as Internet Explorer and Mozilla Firefox have free add-ons (or "plug-ins") that can help you
detect phishing sites.
Be wary of other methods to identify a legitimate site
Some methods used to indicate a safe site can't always be trusted. A small unbroken key or locked
padlock at the left of the URL bar of your browser is not a reliable indicator of a legitimate website.
Just because there's a key or lock and the security certificate looks authentic, don't assume the site is
legitimate.
Deceptive Phishing
A phisher sends bulk email with a message. Users are influenced to click on a link.
Examples: An email states that there is a problem with the recipient's account at a financial institution
and asks the recipient to click on a website link to update his details. A statement may be sent to
the recipient stating that his account is at risk and offering to enroll him in an anti-fraud program. In
either case, the website collects the user's confidential information. The phisher will
subsequently impersonate the victim and transfer funds from his account, purchase merchandise, take
a second mortgage on the victim's house or cause any other damage. In most of these cases, the
phisher does not directly cause any economic damage, but sells the illegally obtained information on
a secondary market.
Malware-based Phishing
Malware-based phishing involves running malicious software on the user's machine. The malware
can be introduced as an email attachment or as a downloadable file exploiting security
vulnerabilities. This is a particular threat for small and medium businesses (SMBs) that fail to
update their software applications.
Session Hijacking
Session Hijacking is a kind of phishing attack where users' activities are monitored until they
log into a target account, such as a bank account, and establish their credentials. At that point, the
malicious software takes control and can undertake unauthorized actions, such as transferring funds,
without the knowledge of the user.
Web Trojans
Web Trojans pop up when users attempt to log in to an important website or perform a
transaction. These web trojans are invisible to the users. They collect the user's credentials locally and
transmit them to the phisher.
Data Theft
Malicious code running on a user's computer can directly steal confidential information stored on the
computer. This information can include activation keys to software, passwords, sensitive and
personal email and any other data that is stored on the victim's computer. Data theft is also widely
used for phishing attacks aimed at corporate espionage. In addition, confidential memos, design
documents or billing info can be publicly leaked, causing embarrassment or financial damage to the
organization. This data can also be leaked to competitors.
DNS-Based Phishing
Domain Name System (DNS)-based phishing, or hosts file modification, is called pharming. When
hackers tamper with a company's hosts files or domain name, requests for URLs or name service
return a bogus address and subsequent communications are directed to a fake site. As a result,
users remain unaware that they are on a fraudulent website controlled by hackers.
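Hosts file modification can be checked for by auditing the file's entries, as in the following added example (not code from the book). The watched domains and the sample hosts file content are constructed assumptions; on a real machine the text would be read from the system's hosts file.

```python
import ipaddress

# Assumption: domains whose name resolution matters most to this user.
WATCHED_DOMAINS = ("examplebank.test", "paypal.com")

# Names that a stock hosts file normally maps to the loopback address.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample hosts file content.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost ip6-loopback
# 198.51.100.7 www.paypal.com   (commented out, so it has no effect)
198.51.100.7    www.examplebank.test examplebank.test   # entry nobody remembers adding
0.0.0.0         ads.tracker.example
not-an-ip       login.paypal.com
203.0.113.9     intranet.corp.example
"""


def parse_hosts(text):
    """Yield (line_number, address, hostnames) for every entry in the file."""
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments, full-line or trailing
        if not line:
            continue
        fields = line.split()
        yield lineno, fields[0], [h.lower().rstrip(".") for h in fields[1:]]


def audit_hosts(text, watched=WATCHED_DOMAINS):
    """Return findings as (line_number, address, hostname, reason).

    Reasons:
      invalid-address            first field is not an IP address
      local-name-remapped        localhost-style name not on a loopback address
      watched-domain-redirected  watched domain pinned to a routable address
      static-override            any other name the file answers instead of DNS
    """
    findings = []
    for lineno, address, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address.split("%", 1)[0])  # ignore IPv6 zone id
        except ValueError:
            findings.append((lineno, address, "", "invalid-address"))
            continue
        # Loopback or 0.0.0.0 blocks a name rather than redirecting it elsewhere.
        blocks_only = ip.is_loopback or ip.is_unspecified
        for name in names:
            if name in LOCAL_NAMES:
                if not ip.is_loopback:
                    findings.append((lineno, address, name, "local-name-remapped"))
                continue
            is_watched = any(name == d or name.endswith("." + d) for d in watched)
            if is_watched and not blocks_only:
                findings.append((lineno, address, name, "watched-domain-redirected"))
            else:
                findings.append((lineno, address, name, "static-override"))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s %s [%s]" % finding)
```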
Content-Injection Phishing
Content-injection phishing means inserting malicious content into a legitimate website. The malicious
content can redirect to other websites or may install malware on a user's computer and also insert a
frame of content that will redirect data to the phishing server.
Man-in-the-Middle Phishing
Man-in-the-Middle Phishing is harder to detect than many other forms of phishing. In these attacks
hackers sit between the user and the website or the system. They record the information being entered
by the user but continue to pass the user on to the next steps so that user transactions are not affected
and the user remains unaware. Later, they sell or use the information which may be credentials, credit
card details, and bank account details.
Social Engineering
Social engineering, in the context of information security, refers to psychological manipulation of
people into performing actions or divulging confidential information. A type of confidence trick for
the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that
it is often one of many steps in a more complex fraud scheme.
The term "social engineering" as an act of psychological manipulation is also associated with the
social sciences, but its usage has caught on among computer and information security professionals.
All social engineering techniques are based on specific attributes of human decision-making known
as cognitive biases. These biases, sometimes called "bugs in the human hardware", are exploited in
various combinations to create attack techniques, some of which are listed. The attacks used in social
engineering can be used to steal employees' confidential information. The most common type of social
engineering happens over the phone. Other examples of social engineering attacks are criminals
posing as exterminators, fire marshals and technicians to go unnoticed as they steal company secrets.
One example of social engineering is an individual who walks into a building and posts an official-looking announcement to the company bulletin that says the number for the help desk has changed. So,
when employees call for help the individual asks them for their passwords and IDs, thereby gaining
the ability to access the company's private information. Another example of social engineering would
be that the hacker contacts the target on a social networking site and starts a conversation with the target.
Slowly and gradually, the hacker gains the trust of the target and then uses it to get access to sensitive
information like passwords or bank account details.
Pretexting
Pretexting (adj. pretextual), also known in the UK as blagging or bohoing, is the act of creating and
using an invented scenario (the pretext) to engage a targeted victim in a manner that increases the
chance the victim will divulge information or perform actions that would be unlikely in ordinary
circumstances. An elaborate lie, it most often involves some prior research or setup and the use of
this information for impersonation (e.g., date of birth, Social Security number, last bill amount) to
establish legitimacy in the mind of the target.
Diversion Theft
Diversion theft, also known as the "Corner Game" or "Round the Corner Game", originated in the
East End of London.
In summary, diversion theft is a "con" exercised by professional thieves, normally against a transport
or courier company. The objective is to persuade the persons responsible for a legitimate delivery
that the consignment is requested elsewhere; hence, "round the corner".
Baiting
Baiting is like the real-world Trojan Horse that uses physical media and relies on the curiosity or
greed of the victim.
In this attack, the attacker leaves a malware infected floppy disk, CD-ROM, or USB flash drive in a
location sure to be found (bathroom, elevator, sidewalk, parking lot), gives it a legitimate looking and
curiosity-piquing label, and simply waits for the victim to use the device.
In either case, as a consequence of merely inserting the disk into a computer to see the contents, the
user would unknowingly install malware on it, likely giving an attacker unfettered access to the
Tailgating
An attacker, seeking entry to a restricted area secured by unattended, electronic access control, e.g.
by RFID card, simply walks in behind a person who has legitimate access. Following common
courtesy, the legitimate person will usually hold the door open for the attacker or the attackers
themselves may ask the employee to hold it open for them. The legitimate person may fail to ask for
identification for any of several reasons, or may accept an assertion that the attacker has forgotten or
lost the appropriate identity token. The attacker may also fake the action of presenting an identity
token.
Shoulder Surfing
Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to
get information. Shoulder surfing is an effective way to get information in crowded places because
it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN number at an
ATM machine, or use a calling card at a public pay phone. Shoulder surfing can also be done long
distance with the aid of binoculars or other vision-enhancing devices. To prevent shoulder surfing,
experts recommend that you shield paperwork or your keypad from view by using your body or
cupping your hand.
Dumpster Diving
Alternatively referred to as trashing, dumpster diving is the practice of digging through a company's
trash bins or dumpsters to gain information. This act is carried out for a number of reasons, from seeking
passwords for a network attack, to personal information for social engineering.
Policy manuals
Today's employee manuals give instructions on how not to be victimized by hackers, and likewise
help the hacker know which attacks to avoid, or at least try in a different manner than specified in the
policy manual.
Calendars of events
Tells the hackers when everyone will be elsewhere and not logged into the system. Best time to break
in.
System Manuals, Packing Crates
Tells the hackers about new systems that they can break into.
Print outs
Source code is frequently found in dumpsters, along with e-mails (revealing account names), and
Post-it notes containing written passwords.
Disks, Tapes, CD-ROMs
People forget to erase storage media, leaving sensitive data exposed. These days, dumpsters may
contain a larger number of "broken" CD-Rs. The CD-ROM "burning" process is sensitive, and can lead
to failures, which are simply thrown away. However, some drives can still read these disks, allowing
the hacker to read a half-way completed backup or other sensitive piece of information.
Old Hard Drives
Like CD-ROMs, information from broken drives can usually be recovered. It depends only upon the
hacker's determination.
Organizational changes, such as mergers, acquisitions, and "re-orgs", leave the company in disarray
that can be exploited by hackers (in much the same way that hackers look upon January 1, 2000 as a
prime hacking day).
Trojan Horses
A trojan horse is a program that appears to be something safe, but is in fact performing tasks such as
giving access to your computer or sending personal information to other computers. Trojan horses are
one of the most common methods a criminal uses to infect your computer and collect personal
information from your computer. Below are some basic examples of how your computer could
become infected with a trojan horse.
If you were referred here, you may have been hacked by a Trojan horse attack. It's crucial that you
read this page and fix yourself immediately. Failure to do so could result in being disconnected from
the IRC network, letting strangers access your private files, or worse yet, allowing your computer to
be hijacked and used in criminal attacks on others.
Here are some practical tips to avoid getting infected (again). For more general security information,
please see our main security help page.
1. NEVER download blindly from people or sites which you aren't 100% sure about. In
other words, as the old saying goes, don't accept candy from strangers. If you do a lot
of file downloading, it's often just a matter of time before you fall victim to a trojan.
2. Even if the file comes from a friend, you still must be sure what the file is before
opening it, because many trojans will automatically try to spread themselves to friends
in an email address book or on an IRC channel. There is seldom reason for a friend to
send you a file that you didn't ask for. When in doubt, ask them first, and scan the
attachment with a fully updated anti-virus program.
3. Beware of hidden file extensions! Windows by default hides the last extension of a file,
so that innocuous-looking susie.jpg might really be susie.jpg.exe - an executable
trojan! To reduce the chances of being tricked, unhide those pesky extensions.
4. NEVER use features in your programs that automatically get or preview files. Those
features may seem convenient, but they let anybody send you anything, which is
extremely reckless. For example, never turn on auto DCC get in mIRC, instead
ALWAYS screen every single file you get manually. Likewise, disable the preview
mode in Outlook and other email programs.
5. Never blindly type commands that others tell you to type, or go to web addresses
mentioned by strangers, or run pre-fabricated programs or scripts (not even popular
ones). If you do so, you are potentially trusting a stranger with control over your
computer, which can lead to trojan infection or other serious harm.
6. Don't be lulled into a false sense of security just because you run anti-virus programs.
Those do not protect perfectly against many viruses and trojans, even when fully up to
date. Anti-virus programs should not be your front line of security, but instead they
serve as a backup in case something sneaks onto your computer.
7. Finally, don't download an executable program just to check it out - if it's a trojan,
the first time you run it, you're already infected!
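Tip 3 above (hidden file extensions) can be turned into a check on file names before anything is opened. This is an added example, not code from the book; the two extension lists are partial and chosen for the example, and the sample names are constructed.

```python
import os

# Assumption: a partial list of extensions that Windows runs or passes to a script host.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js", ".lnk"}
# Assumption: a partial list of extensions users expect to be harmless documents or media.
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".txt", ".pdf", ".doc", ".docx", ".mp3", ".avi"}

# Constructed sample attachment names.
SAMPLE_NAMES = ["susie.jpg.exe", "setup.exe", "holiday.photo.jpg", "Report.PDF.SCR", "notes.txt"]


def split_name(filename):
    """Return (displayed_name, hidden_extension).

    With extensions hidden, the last extension is dropped from view,
    so the user sees only displayed_name.
    """
    name = os.path.basename(filename.replace("\\", "/")).strip()
    shown, hidden = os.path.splitext(name)
    return shown, hidden.lower()


def classify(filename):
    """Classify a file name.

    'disguised'  - executable whose displayed name ends in a document/media extension
    'executable' - executable with no decoy extension
    'ok'         - the real (last) extension is not executable
    """
    shown, hidden = split_name(filename)
    if hidden not in EXECUTABLE_EXTS:
        return "ok"
    inner = os.path.splitext(shown)[1].lower()
    return "disguised" if inner in DECOY_EXTS else "executable"


def review_attachments(filenames):
    """Return (real name, name the user sees, verdict) for every file that is not 'ok'."""
    report = []
    for real in filenames:
        verdict = classify(real)
        if verdict != "ok":
            report.append((real, split_name(real)[0], verdict))
    return report


if __name__ == "__main__":
    for real, seen, verdict in review_attachments(SAMPLE_NAMES):
        print("%-20s shown as %-12s %s" % (real, seen, verdict))
```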
Compared to traditional viruses, today's trojans evolve much quicker and come in many
seemingly innocuous forms, so anti-virus software is always going to be playing catch up.
Also, if they fail to find every trojan, anti-virus software can give you a false sense of
security, such that you go about your business not realizing that you are still dangerously
compromised. There are many products to choose from, but the following are generally
effective: AVP, PC-cillin, and McAfee VirusScan.
Anti-Trojan Programs: These programs are the most effective against trojan horse attacks,
because they specialize in trojans instead of general viruses.
Clean Re-installation
When all else fails, or when any risk of continued infection is unacceptable, the only option
left is a clean re-installation. Although arduous, this will always be the only sure way to
eradicate a trojan or virus.
A clean re-installation will take anywhere from several hours to several days to fully
complete, depending on your system configuration, operating system, amount of data to be
recovered, and many other factors. This will require some degree of technical competency,
and you will need to have your original operating system or recovery media, as well as
original media for any application software, as well as any license keys ready before you
begin.
Extreme caution must be taken in backing up and restoring data to make sure that the
infection is not reintroduced when data is restored.
A professional PC repair shop can be contracted locally to perform a clean reinstallation,
should you not feel capable of doing so yourself.
1.
2.
3.
4.
5.
6.
7.
8.
9.
applications.
This will take several hours, and require some degree of technical competency. If you are
not up to the task, a professional repair shop can be paid to perform these steps.
Computer Virus
A computer virus is a computer program that can replicate itself and spread from one computer to
another. When these infected programs are run, the viral code is executed and the virus spreads
further. Sometimes, what constitutes programs is more than simply applications: boot code, device
drivers, and command interpreters also can be infected.
A computer virus is one of thousands of programs that can invade your computer and perform a variety of
functions ranging from annoying (e.g., popping up messages as a joke) to dangerous (e.g., deleting
files or destroying your hard disk).
Viruses can increase their chances of spreading to other computers by infecting files on a network file
system or a file system that is accessed by other computers.
The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware,
even those that do not have the ability to replicate themselves. Malware includes computer viruses,
computer worms, Trojan horses, most rootkits, spyware, dishonest adware and other malicious or
unwanted software, including true viruses. Viruses are sometimes confused with worms and Trojan
horses, which are technically different.
How Do Viruses Spread
Computer viruses are programs that must be triggered or somehow executed before they can infect
your computer system and spread to others. Examples include opening a document infected with a
macro virus, booting with a diskette infected with a boot sector virus, or double-clicking on an
infected program file. Viruses can then be spread by sharing infected files on a diskette, network
drive, or other media, by exchanging infected files over the Internet via e-mail attachments, or by
downloading questionable files from the Internet.
Types of Virus
Viruses come in a variety of types. Breaking them into categories is not easy as many viruses have
multiple characteristics and so would fall into multiple categories. We're going to describe two
different types of category systems: what they infect and how they infect. Because they are so
common, we're also going to include a category specific to worms.
These categories include :
System Sector Viruses : These infect control information on the disk itself.
Computer Virus Name: Creeper
Description: This is noted as possibly the first ever computer virus. It infected computers on ARPANET.
Computer Virus Name: Elk Cloner (1982)
Description: Despite Apple's marketing that their
Anti-Virus Software
Anti-virus software are programs that are installed onto your computer and can scan and
remove known viruses which you may have contracted. The software can also be set to
automatically scan diskettes when inserted into the disk drive, scan files when downloaded
from the Internet, or scan e-mail when received.
Antivirus or anti-virus software is used to prevent, detect, and remove malware, including
but not limited to computer viruses, computer worms, Trojan horses, spyware and adware.
Computer security, including protection from social engineering techniques, is commonly
Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it
propagates through computer networks without user intervention. Unlike a virus, it does not need to
attach itself to an existing program. Many people conflate the terms "virus" and "worm", using them
both to describe any self-propagating program.
_____________________________
CHAPTER 9
Password cracking and
How to hack an Email password?
_____________________________
Password cracking
Password cracking is the process of recovering passwords from data that has been stored in or
transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Passwords are the most widely used form of authentication throughout the world. A username and
password are used on computer systems, bank accounts, ATMs, and more. The ability to crack
passwords is an essential skill to both the hacker and the forensic investigator, the latter needing to
hack passwords for accessing the suspect's system, hard drive, email account, etc.
Although some passwords are very easy to crack, some are very difficult. In those cases, the hacker
or forensic investigator can either employ greater computing resources (a botnet, supercomputer,
GPU, ASIC, etc.), or they can look to obtain the password in other ways.
These ways might include insecure storage. In addition, sometimes you don't need a password to
access password-protected resources. For instance, if you can replay a cookie, session ID, a
Kerberos ticket, an authenticated session, or other resource that authenticates the user after the
password authentication process, you can access the password protected resource without ever
knowing the password.
Sometimes these attacks can be much easier than cracking a complex and long password. I will do a
tutorial on various replay attacks in the near future (look out specifically for my upcoming article on
stealing the Facebook cookie to access someone's Facebook account).
Password Storage
In general, passwords are not stored in clear text. As a rule, passwords are stored as hashes. A
hash is the output of a one-way function: the same input always produces the same hash, and the
hash is not meant to be reversed. These systems very often use MD5 or SHA1 to hash the passwords.
In the Windows operating system, passwords on the local system are stored in the SAM file, while
Linux stores them in the /etc/shadow file. These files are accessible only by someone with
root/sysadmin privileges. In both cases, you can use a service or file that has root/sysadmin
privileges to grab the password file (e.g. DLL injection with samdump.dll in Windows).
Types of Attacks
Dictionary
A dictionary attack is the simplest and fastest password cracking attack. To put it simply, it just runs
through a dictionary of words trying each one of them to see if they work. Although such an approach
would seem impractical to do manually, computers can do this very fast and run through millions of
words in a few hours. This should usually be your first approach to attacking any password, and in
some cases, it can prove successful in mere minutes.
Rainbow Table
Most modern systems now store passwords as a hash. This means that even if you can get to the
area or file that stores the password, what you get is a hashed password. One approach to
cracking it is to take a dictionary file, hash each word and compare it to the hashed password.
This is very time- and CPU-intensive. A faster approach is to take a table with all the words in
the dictionary already hashed and compare the hash from the password file to your list of hashes.
If there is a match, you now know the password.
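Why the unsalted MD5/SHA1 storage described under Password Storage falls to a table of pre-hashed words, and what salted, slow hashing changes, shown as an added example that is not from the book. The word list, account names, the fixed table salt and the PBKDF2 settings are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny word list standing in for a dictionary file.
WORDLIST = ["password", "letmein", "dragon", "sunshine"]
ITERATIONS = 200_000  # assumed work factor for this example


def md5_hex(password):
    """Unsalted, fast hash: the weak storage scheme the text describes."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def kdf(password, salt):
    """Slow, salted derivation (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def build_lookup(words):
    """Hash every word once. The table works against any unsalted MD5 store."""
    return {md5_hex(word): word for word in words}


def audit_unsalted(stored, lookup):
    """Password audit: accounts whose stored hash appears in the table."""
    return {user: lookup[h] for user, h in stored.items() if h in lookup}


def store_salted(password):
    """Hardened storage: a random per-account salt is kept beside the digest."""
    salt = os.urandom(16)
    return salt, kdf(password, salt)


def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, expected = record
    return hmac.compare_digest(kdf(password, salt), expected)


def compare_schemes():
    lookup = build_lookup(WORDLIST)
    # Constructed accounts: two share a dictionary word, one uses a random string.
    unsalted = {
        "alice": md5_hex("dragon"),
        "bob": md5_hex("dragon"),
        "carol": md5_hex("x9!Lq-Tr4v#"),
    }
    salted = {user: store_salted("dragon") for user in ("alice", "bob")}
    # A table precomputed for one fixed salt does not carry over to other salts.
    fixed_salt_table = {kdf(word, b"\x00" * 16): word for word in WORDLIST}
    return {
        "unsalted_hashes_equal": unsalted["alice"] == unsalted["bob"],
        "recovered_from_table": audit_unsalted(unsalted, lookup),
        "salted_digests_equal": salted["alice"][1] == salted["bob"][1],
        "table_hits_on_salted": [u for u, r in salted.items() if r[1] in fixed_salt_table],
        "login_still_works": verify_salted("dragon", salted["alice"]),
    }


if __name__ == "__main__":
    for name, value in compare_schemes().items():
        print(f"{name}: {value}")
```

With unsalted hashes, identical passwords are visible as identical hashes and one table serves every account; with a per-account salt the same work has to be repeated for each record, at the cost of the slow derivation each time.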
Brute Force
Brute force is the most time-consuming approach to password cracking. It should always be your
last resort. Brute force password cracking attempts every possible combination of the letters,
numbers and special characters that might make up a password. As you might expect, the more
computing horsepower you have, the more successful you will be with this approach.
Hybrid
A hybrid password attack is one that uses a combination of dictionary words with special characters,
numbers, etc. Often these hybrid attacks use a combination of dictionary words with numbers
appended and prepended to them, and with letters replaced by numbers and special characters. For
instance, a dictionary attack would look for the word "password", but a hybrid attack might look for
"p@$$w0rd123".
___________________
CHAPTER 10
Penetration Testing
___________________
Penetration Testing
Penetration testing is the process of attempting to gain access to resources without knowledge of
usernames, passwords and other normal means of access. If the focus is on computer resources, then
examples of a successful penetration would be obtaining or subverting confidential documents,
pricelists, databases and other protected information.
The main thing that separates a penetration tester from an attacker is permission. The penetration
tester will have permission from the owner of the computing resources that are being tested and will
be responsible to provide a report. The goal of a penetration test is to increase the security of the
computing resources being tested.
In many cases, a penetration tester will be given user-level access and in those cases, the goal would
be to elevate the status of the account or use other means to gain access to additional information that
a user of that level should not have access to.
Some penetration testers are contracted to find one hole, but in many cases, they are expected to keep
looking past the first hole so that additional vulnerabilities can be identified and fixed. It is important
for the pen-tester to keep detailed notes about how the tests were done so that the results can be
verified and so that any issues that were uncovered can be resolved.
It's important to understand that it is very unlikely that a pen-tester will find all the security issues. As
an example, if a penetration test was done yesterday, the organization may pass the test. However,
today is Microsoft's Patch Tuesday and now there's a brand new vulnerability in some Exchange
mail servers that were previously considered secure, and next month it will be something else.
Maintaining a secure network requires constant vigilance.
is hired to test only a single system, they will be unable to identify and penetrate all possible systems
using all possible vulnerabilities. As such, any Penetration Test is a sampling of the environment.
Furthermore, most testers will go after the easiest targets first.
However, the continued adoption of new technologies, including some of these security systems, and
the resulting complexity introduced, has made it even harder to find and eliminate all of an
organization's vulnerabilities and protect against many types of potential security incidents. New
vulnerabilities are discovered each day, and attacks constantly evolve in terms of their technical and
social sophistication, as well as in their overall automation.
External testing
This type of pen test targets a company's externally visible servers or devices including domain name
servers (DNS), e-mail servers, Web servers or firewalls. The objective is to find out if an outside
attacker can get in and how far they can get in once they've gained access.
Internal testing
This test mimics an inside attack behind the firewall by an authorized user with standard access
privileges. This kind of test is useful for estimating how much damage a disgruntled employee could
cause.
Blind testing
A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the
information given to the person or team that's performing the test beforehand. Typically, they may only
be given the name of the company. Because this type of test can require a considerable amount of time
for reconnaissance, it can be expensive.
There are four distinct pen testing service offerings you can provide customers to ensure they have
full coverage:
Vulnerability scanning
This is a straightforward opportunity and a mature offering. The biggest question you'll face is
whether to resell a service offering (like that from Qualys) or to buy a tool and use it internally to
scan your customer's networks and systems. Scanning is one of the requirements for nearly every
regulation, so this is an easy step along the path to security assurance, since all of your regulated
customers need to scan.
Infrastructure pen testing
This offering involves a tool that uses live exploits, like Metasploit or Core Impact. You'll use live
ammunition, so orchestrate these tests with the client to ensure the minimum amount of disruption.
You should test all externally visible IP addresses -- that's what the bad guys out there can see and
are likely trying to penetrate. You may also want to see what you can find if you attach to a
conference room network, one of the softest parts of a customer's defenses.
Application pen testing
Trying to break into applications is probably the most important step nowadays, given that so many
attacks directly target applications. You can use a Web application scanner (HP's WebInspect, IBM's
AppScan), but you should also invest in some people that know how to exploit application logic
errors. There's no substitute for a skilled application tester to determine what's broken in an
application. Once the initial application is compromised, go directly after the database, where the
valuable stuff is. If you can get into the database, the customer is owned. It's much better for you to
figure this out than a malicious hacker.
User testing
This is actually the most fun task for penetration testers. You get to see how gullible most users are.
This type of testing can involve emailing fake messages to customer service reps, trying to talk your
way into the facility (past security or the receptionist) or even dropping thumb drives in the parking
lot to see who will plug them into their machines. Many folks are against social-engineering end
users, but not me. Remember, malicious hackers don't have a set of rules. They use social engineering
because it works. Don't let social engineering surprise your customer and catch them off-guard.
Reconnaissance Tools
Reconnaissance often begins with searches of internet databases including DNS registries, WHOIS
databases, Google, on-line news sources, business postings, and many other on-line resources. The
reconnaissance phase often includes print media as well, specifically electronically searchable
archives that would be found at a college library or large public library.
Nmap
Nmap is a popular port scanning tool. Port scanning is typically a part of the reconnaissance phase of
a penetration test or an attack. Sometimes attackers will limit their testing to a few ports while other
times they will scan all available ports. To do a thorough job, a vulnerability scanner should scan all
ports and, in most cases, a penetration tester will scan all ports. An actual attacker may choose to not
scan all ports if he finds a vulnerability that can be exploited because of the noise (excess traffic) a
port scanner creates.
Another capability of nmap is its ability to determine the operating system of the target computer.
Different networking implementations will respond differently to different network packets. Nmap
maintains a type of database and will match the responses to make a guess at what type of operating
system the target computer is running. This OS detection isn't perfectly accurate but it can help the
attacker tailor his attack strategy, especially when coupled with other pieces of information.
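The noise a port scanner creates is what a defender can key on. The detector below is an added example, not from the book: it counts distinct destination ports per source and target inside a sliding time window. The log format, addresses and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>[A-Z]+) TCP "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)
LONG_WINDOW = timedelta(hours=1)


def parse(line):
    """Return (timestamp, src, dst, dport), or None for lines in another format."""
    match = LINE_RE.match(line.strip())
    if match is None:
        return None
    try:
        ts = datetime.strptime(match["ts"], TS_FORMAT)
    except ValueError:
        return None
    return ts, match["src"], match["dst"], int(match["dport"])


def detect_scans(lines, min_ports=10, window=timedelta(seconds=60)):
    """Map (src, dst) to the largest number of distinct ports seen in one window.

    Only pairs that reach min_ports are returned. Lines must be in time order.
    """
    recent = defaultdict(deque)  # (src, dst) -> events still inside the window
    alerts = {}
    for line in lines:
        record = parse(line)
        if record is None:
            continue
        ts, src, dst, dport = record
        events = recent[(src, dst)]
        events.append((ts, dport))
        while ts - events[0][0] > window:
            events.popleft()
        distinct = len({port for _, port in events})
        if distinct >= min_ports:
            alerts[(src, dst)] = max(alerts.get((src, dst), 0), distinct)
    return alerts


def sample_log():
    """Constructed firewall log lines (documentation address ranges)."""
    base = datetime(2024, 5, 1, 10, 0, 0)
    lines = []
    for i in range(25):  # sweep: 25 different ports in 25 seconds
        ts = (base + timedelta(seconds=i)).strftime(TS_FORMAT)
        lines.append(f"{ts} DROP TCP src=203.0.113.7 dst=192.0.2.10 dport={20 + i}")
    for i in range(30):  # ordinary client: the same port again and again
        ts = (base + timedelta(seconds=2 * i)).strftime(TS_FORMAT)
        lines.append(f"{ts} ALLOW TCP src=198.51.100.23 dst=192.0.2.10 dport=443")
    for i in range(12):  # slower sweep: one new port every two minutes
        ts = (base + timedelta(minutes=2 * i)).strftime(TS_FORMAT)
        lines.append(f"{ts} DROP TCP src=203.0.113.99 dst=192.0.2.10 dport={8000 + i}")
    return sorted(lines)  # ISO timestamps sort in time order


if __name__ == "__main__":
    print("60 s window:", detect_scans(sample_log()))
    print("1 h window: ", detect_scans(sample_log(), window=LONG_WINDOW))
```

Running a second pass with a longer window, as the last line does, is what brings the slower sweep into view; the busy single-port client is never flagged because volume alone is not the signal.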
Nessus
Nessus is a popular vulnerability scanner that many security professionals use regularly. Nessus has a
huge library of vulnerabilities and tests to identify them. In many cases, Nessus relies on the
responses from the target computer without actually trying to exploit the system. Depending on the
scope of a vulnerability assessment, the security tester may choose an exploitation tool to verify that
reported vulnerabilities are exploitable.
Nessus includes port scanning and OS detection, so sometimes a vulnerability assessment will just
use Nessus and let Nessus call nmap or other scanners for these components of the test. For a stealthy
scan, a security professional or an attacker may choose to run these tools separately to avoid
detection.
There are many other reconnaissance tools within the penetration tester arsenal, but two categories
bear special mention here: packet manipulation tools and password cracking tools. The former
category includes tools like hping that allow a penetration tester or attacker to create and send all
types of specially crafted TCP/IP packets in order to test and exploit network-based security
protections, such as firewalls and IDS/IPS. The password cracking category includes tools like John
the Ripper or Cain and Abel, which are used to detect and obtain weak passwords for multiple
authentication mechanisms, such as the ones supported by most Unix and Windows operating systems.
Exploitation Tools
Exploitation tools are used to verify that an actual vulnerability exists by exploiting it. It's one thing
to have vulnerability testing software or banners indicate the possibility of an exploitable service, but
quite another to exploit that vulnerability. Some of the tools in this category are used by both attackers
and penetration testers. There are many more exploitation tools than the ones listed here. Many tools
in this category are single-purpose tools that are designed to exploit one vulnerability on a particular
hardware platform running a particular version of an exploitable system. The tools that we've
highlighted here are unique in the fact that they have the ability to exploit multiple vulnerabilities on a
variety of hardware and software platforms.
They are also not natively integrated into the Framework. This framework is not nearly as extensible
as some other tools; it primarily functions as a GUI to launch attacks from.
CORE IMPACT is a commercial penetration testing tool that combines a healthy dose of
reconnaissance with exploitation and reporting into one point and click penetration testing tool. The
main purpose of CORE
IMPACT is to identify possible vulnerabilities in a program, exploit those vulnerabilities without
causing system outages, and clearly document every step along the way so that the entire procedure
can be verified by another party.
The CORE IMPACT penetration testing tool makes it easy for a network administrator or penetration
tester to run tests against a network or host without having a whole suite of security testing utilities.
Overall, we found the program to do a good job of scanning the network for vulnerabilities,
successfully exploiting them, and reporting on the results.
One really slick feature of CORE IMPACT is the ability to install an agent on a compromised
computer and then launch additional attacks from that computer. This proved useful in an actual
penetration testing assignment by allowing the tester to compromise one machine and from there run
automated scans inside the network looking for additional machines. Those scans weren't quite as
good as actually being on-site, but it did allow us to discover internal hosts from outside the network.
For most systems, CORE IMPACT will work well, but as Core Security Technologies states in their
documentation, it isn't meant to be a replacement for an experienced penetration tester. One of the
areas we ran into some trouble on was when a single IP address had different ports mapped to
different servers with different operating systems. Sometimes CORE IMPACT would identify a host
as having a given operating system and then refuse to launch a vulnerability against a service that did
not match that operating system. In one tested network, a single public IP address was in use by three
different computers: an Exchange server, an IIS web server, and a Linux computer running SSH. The
OS had been identified as being in the Linux family so an attack against an IIS vulnerability wasn't an
option. We were able to work around this by re-scanning the machine using only the ports that
mapped to the Windows system.
As a commercial vendor, Core Security Technologies does a lot of testing of their exploit code to
ensure that it will not adversely affect the target hosts. In testing CORE IMPACT, we found that it
was rare for it to crash systems. There was one case where an unpatched Windows 2003 server
rebooted a few times in different testing scenarios. Later, the same test was used to exploit the system
and gain access to a command prompt. Other than this one test against an unpatched Windows 2003
server, we did not crash any systems.
The reporting feature of CORE IMPACT is quite good. It includes an executive report, a report that
lists vulnerabilities and all the machines affected by those vulnerabilities, a detailed report of all
hosts and an exhaustive report of every test that was run, when it ran, how long it ran and detailed
results of the running.
This last report is one that you don't need very often but if you do need it, it has all the details to
duplicate a test. Keeping accurate notes is one of the most difficult and time consuming tasks for a
pen-tester because often many tests are attempted with small variations to the test. CORE IMPACT
makes it easy to go back and find any steps that weren't properly recorded.
_____________________________
CHAPTER 11
WINDOWS HACKING TRICKS
_____________________________
Windows Hacking
Windows hacking is the practice of modifying the Windows operating system to accomplish a goal
outside of the creator's original purpose. People who engage in hacking activities are often called
hackers. Since the word "hack" has long been used to describe someone who is incompetent at
his/her profession, some hackers claim this term is offensive and fails to give appropriate recognition
to their skills. Windows hacking is most common among teenagers and young adults, although there
are many older hackers as well.
user profiles on the computer.
HKEY_CURRENT_CONFIG: Contains information about the hardware profile that is used by the
local computer at system startup.
Types of Keys
Binary Value (REG_BINARY): Raw binary data. Most hardware component information is stored
as binary data and is displayed in Registry Editor in hexadecimal format.
DWORD Value (REG_DWORD): Data represented by a number that is 4 bytes long (a 32-bit
integer). Can also contain binary, hexadecimal, or decimal format.
Expandable String Value (REG_EXPAND_SZ): A variable-length data string. This data type
includes variables that are resolved when a program or service uses the data.
String Value (REG_SZ): A fixed-length text string.
Multi-String Value (REG_MULTI_SZ): Values that contain lists or multiple values in a form that
people can read are generally this type.
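To see how these value types look in practice, the added example below (not from the book) decodes each type from the text of a Registry Editor .reg export and lists non-zero DWORD values under a Policies key, which is where restrictions such as NoViewContextMenu live. The sample export is constructed, the ExampleVendor\ExampleApp key is hypothetical, and the text is assumed to be already decoded to a Python string.

```python
import re

# Constructed sample export. ExampleVendor\ExampleApp is a hypothetical key.
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoViewContextMenu"=dword:00000001

[HKEY_CURRENT_USER\Software\ExampleVendor\ExampleApp]
"InstallDir"="C:\\Program Files\\ExampleApp"
"LogPath"=hex(2):25,00,54,00,45,00,4d,00,50,00,25,00,5c,00,61,00,2e,00,6c,00,\
  6f,00,67,00,00,00
"Servers"=hex(7):61,00,00,00,62,00,00,00,00,00
"Blob"=hex:de,ad,be,ef
"""

VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$')


def _unescape(text):
    """Undo the backslash escaping .reg files use inside quoted strings."""
    return re.sub(r"\\(.)", r"\1", text)


def _hex_bytes(text):
    return bytes(int(part, 16) for part in text.split(",") if part.strip())


def decode_value(raw):
    """Turn the data part of a .reg line into (type name, Python value)."""
    if raw.startswith('"'):
        return "REG_SZ", _unescape(raw[1:-1])
    if raw.startswith("dword:"):
        return "REG_DWORD", int(raw[len("dword:"):], 16)
    match = re.match(r"hex(?:\((\w+)\))?:(.*)$", raw)
    if match is None:
        raise ValueError(f"unrecognised value data: {raw!r}")
    kind, data = match.group(1), _hex_bytes(match.group(2))
    if kind is None:
        return "REG_BINARY", data
    if kind == "2":  # UTF-16LE string with unexpanded %VARIABLES%
        return "REG_EXPAND_SZ", data.decode("utf-16-le").rstrip("\x00")
    if kind == "7":  # UTF-16LE strings separated by NUL, ended by an extra NUL
        return "REG_MULTI_SZ", [s for s in data.decode("utf-16-le").split("\x00") if s]
    return f"type 0x{kind}", data


def parse_reg(text):
    """Return {(key path, value name): (type name, value)} for a .reg export."""
    values = {}
    key = None
    joined = re.sub(r"\\\r?\n\s*", "", text)  # merge hex continuation lines
    for line in joined.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        match = VALUE_RE.match(line)
        if key is None or match is None:
            continue
        name = "(Default)" if match.group(1) is None else _unescape(match.group(1))
        values[(key, name)] = decode_value(match.group(2))
    return values


def restrictive_policies(values):
    """Non-zero DWORD values under a Policies key, for review."""
    return sorted(
        (key, name, data)
        for (key, name), (rtype, data) in values.items()
        if "\\policies\\" in key.lower() + "\\" and rtype == "REG_DWORD" and data != 0
    )


if __name__ == "__main__":
    for (key, name), (rtype, data) in parse_reg(SAMPLE).items():
        print(f"{key} | {name} | {rtype} | {data!r}")
    print(restrictive_policies(parse_reg(SAMPLE)))
```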
Disclaimer: Modifying the registry can cause serious problems that may require you to reinstall your
operating system. We cannot guarantee that problems resulting from modifications to the registry can
NOTE: If you have problems with programs from your computer shutting down too quickly, then
repeat the above steps and increase the time (Step 5) a bit.
1. Press Windows Logo key + R to open Run, type regedit and press Enter.
2. Go to:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Authenticat
LogonUI\Background
3. Double-click the OEMBackground DWORD value and set it to 1.
4. Select a background image for the logon screen with a size of less than 256 KB and rename
that image as BackgroundDefault.
5. Copy that image, open My Computer and go to the C:\Windows\system32\oobe\info\backgrounds
folder.
6. Paste it and select Copy and Replace.
Tips: Cut and paste the original logon screen image into a folder for future use.
7. Reboot, and your logon image will have changed.
1. Open the Registry Editor by clicking the Start button, typing regedit into the search box,
and then pressing Enter.
2. Navigate to HKEY_CURRENT_USER\Control Panel\Mouse.
3. On the right, open the MouseHoverTime key and reduce its value from the default 400 to
around 150. (Be careful, as decreasing the key further may cause problems.)
4. After rebooting (restart) Windows the new settings will take effect.
Disable Right-Click
This trick removes the context menu that would normally appear when the user right-clicks on the
desktop or in the right-hand results pane of Explorer.
1. Open the Registry Editor by clicking the Start button, typing regedit into the search box,
and then pressing Enter.
2. Browse to this key in the registry:
HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
3. Change the value of NoViewContextMenu to 1.
4. Now close the Registry Editor and restart your computer for the changes to go into effect.
Tips: If NoViewContextMenu doesn't exist, you can create it. Right-click in the right-hand pane,
select New, then DWORD (32-bit) Value for 32 bit on Windows 7.
4. Name it NoFolderOptions.
4. Browse to the file extension you wish to edit, click the white triangle beside it to see the
subfolders, and select OpenWithList. In our test, we want to change the programs
associated with PDF files, so we select the OpenWithList folder under .pdf.
5. Notice the names of the programs under the Data column on the right. Right-click the value
for the program you don't want to see in the Open With menu and select Delete.
6. Click Yes at the prompt to confirm that you want to delete this value.
7. Repeat these steps with all the programs you want to remove from this file type's Open with
menu. You can go ahead and remove entries from other file types as well if you wish.
8. Restart the computer and check out the Open with menu in Explorer again. Now it will be
much more streamlined and will only show the programs you want to see.
4. Name the key with the following text as shown in the below figure:
{645FF040-5081-101B-9F08-00AA002F954E}
4. Name the key with the following text as shown in the below figure
{26EE0668-A00A-44D7-9371-BEB064C98683}
Or
{21EC2020-3AEA-1069-A2DD-08002B30309D}
Tips:
Category View
{26EE0668-A00A-44D7-9371-BEB064C98683}
Icon View
{21EC2020-3AEA-1069-A2DD-08002B30309D}
3. Click on Windows Log and then double-click on System in the left-hand column for a list
of events.
4. Look for a date and time when you weren't home and your computer should have been off.
Double-click an entry (e.g. Information) and it will show you the details.
Tips: You can also use this log to see how long someone was on the computer. Just look at the time
the computer was turned on and off for that day.
3. In the right pane, find the Remove and Prevent Access to the shutdown, Restart, Sleep,
and Hibernate. Then double click on it.
If you don't know what you're doing in the Registry, you can mess up your computer pretty good. This
trick helps you to prevent users from accessing the Registry and making any changes to it.
To do this using Local Group Policy Editor:
Tips: This method uses Group Policy Editor which is not available in Home versions of Windows.
1. Type gpedit.msc into the Search box in the Start menu
2. When Group Policy Editor opens, navigate to User Configuration \ Administrative
Templates then select System. Under Setting in the right panel double-click on Prevent
access to registry editing tools.
3. Select the radio button next to Enabled, click OK, then close out of Group Policy Editor.
4. Now if a user tries to access the Registry, they will get the following message advising
that they cannot access it.
3. Select the radio button next to Enabled, click OK, and then close out of Group Policy
Editor.
Canonical name
Microsoft.ActionCenter
Microsoft.AdministrativeTools
Microsoft.AutoPlay
Microsoft.BackupAndRestore
Microsoft.BiometricDevices
Microsoft.BitLockerDriveEncryption
Microsoft.ColorManagement
Microsoft.CredentialManager
Microsoft.DateAndTime
Microsoft.DefaultLocation
Microsoft.DefaultPrograms
Microsoft.DesktopGadgets
Microsoft.DeviceManager
Microsoft.DevicesAndPrinters
Microsoft.Display
Microsoft.EaseOfAccessCenter
Microsoft.FolderOptions
Microsoft.Fonts
Microsoft.GameControllers
Microsoft.GetPrograms
Microsoft.GettingStarted
Microsoft.HomeGroup
Microsoft.IndexingOptions
Microsoft.Infrared
Microsoft.InternetOptions
Microsoft.iSCSIInitiator
Microsoft.Keyboard
Microsoft.LocationAndOtherSensors
Microsoft.Mouse
Microsoft.NetworkAndSharingCenter
Microsoft.NotificationAreaIcons
Microsoft.OfflineFiles
Microsoft.ParentalControls
Microsoft.PenAndTouch
Microsoft.PeopleNearMe
Microsoft.PerformanceInformationAndTools
Microsoft.Personalization
Microsoft.PhoneAndModem
Microsoft.PowerOptions
Microsoft.ProgramsAndFeatures
Microsoft.Recovery
Microsoft.RegionAndLanguage
Control Panel item: Canonical name
RemoteApp and Desktop Connections: Microsoft.RemoteAppAndDesktopConnections
Scanners and Cameras: Microsoft.ScannersAndCameras
Sound: Microsoft.Sound
Speech Recognition: Microsoft.SpeechRecognition
Sync Center: Microsoft.SyncCenter
System: Microsoft.System
Tablet PC Settings: Microsoft.TabletPCSettings
Taskbar and Start Menu: Microsoft.TaskbarAndStartMenu
Text to Speech: Microsoft.TextToSpeech
Troubleshooting: Microsoft.Troubleshooting
User Accounts: Microsoft.UserAccounts
Windows Anytime Upgrade: Microsoft.WindowsAnytimeUpgrade
Windows CardSpace: Microsoft.CardSpace
Windows Defender: Microsoft.WindowsDefender
Windows Firewall: Microsoft.WindowsFirewall
Windows Mobility Center: Microsoft.MobilityCenter
Windows SideShow: Microsoft.WindowsSideShow
Windows Update: Microsoft.WindowsUpdate
4. The Show Content dialog box will then appear. Type the required canonical names and click
OK.
For example: If I want to hide Action Center, then I will type Microsoft.ActionCenter in the Value
field.
5. Click OK, and then close out of Group Policy Editor.
Note: In this example we are only going to hide the control panel items we want to see (white list);
however, if you use the Show specified Control Panel items policy setting you can blacklist only the
items you don't want listed.
3. Select the radio button next to Enabled, click OK, and then close out of Group Policy
Editor.
4. After the Control Panel is disabled, you'll notice it's no longer listed in the Start Menu.
5. If the user tries to type Control Panel into the Search box in the Start menu, they will get the
following message indicating it's restricted.
3. Double-click Turn off Windows+X Hotkeys in the Settings section of the Group Policy
editor.
4. Double-click the shortcut to instantly shut down the system. (For Single Click Follow the
below tips)
Tips:
To Customize the Shortcut icon Right-click on the shortcut > Click Properties > Click
Change Icon> Choose an icon > Click OK> Click OK
You can pin this shortcut from the desktop to the taskbar by right-click on the shortcut and
click Pin to Taskbar.
To: Shutdown, Restart, Logoff, Hibernate, Sleep
3. Click Next and give a name to the shortcut. For example, My Computer. Click Finish.
4. A new shortcut of My Computer is placed on the desktop. It has the same icon as that of
Windows Explorer. You can change its icon if you wish.
5. Drag this shortcut and pin it to the taskbar, after which you can delete the desktop shortcut.
5. Now you have created a shortcut for Safely Remove Hardware on your desktop. Whenever you
want to eject a hardware device like a pen drive, just double-click on it and you can remove
your hardware device safely.
loop
2. Click File (from the menu bar) and save the Notepad file as anything.vbs (the .vbs extension is
required).
3. Open your saved file and see your keyboard LEDs blinking like disco lights.
Tips: How to stop this?
This is a very good and interesting VBScript trick which lets your computer speak whatever you type.
No additional software is required. Just follow the simple steps below.
1. Open Notepad and type below codes into it.
Dim message, sapi
message=InputBox("What do you want me to say?","TALKING COMPUTER")
Set sapi=CreateObject("sapi.spvoice")
sapi.Speak message
2. Click File (from the menu bar) and save the Notepad file as anything.vbs
3. Open the saved file.
4. Type anything and click OK to make your computer say whatever you typed.
3. Close Notepad.
4. Right click on the saved .exe file on your desktop (ex: Drive C.exe), and click on Pin to
Taskbar.
5. Right click on the pinned .exe icon on the taskbar, right click on the .exe file (ex: Drive
C.exe) in the jump list, and click on Properties.
6. In the Start in field, make sure it's blank. In the Target field, change it to be the drive letter
path (ex: C:\ ) that you want the pinned icon on the taskbar to open. Click on OK. (Just
Looks Like the below image)
7. Log off and log on, or restart the computer to have the icon on the taskbar to change to the
correct drive icon afterwards.
8. You can now drag the drive icon anywhere you like within the other pinned icons on the
taskbar if you like.
9. You can now delete the .exe file on your desktop (ex: Drive C.exe) if you like.
Tips: To Unpin Drive from Taskbar: Right click on the pinned drive icon on the taskbar, and click on
Unpin this program from taskbar.
Tips:
Make sure the file name has .bat extension.
Use this carefully. It shuts down the computer forcefully.
Inspired by the movie Matrix, this falling code trick is extremely popular on social networking
websites. Type the code given below in Notepad and save the file as "Matrix.bat" or anything.bat
(File Extension must be .bat). Upon running the bat file, you will see the "Matrix falling code" effect.
@echo off
rem Green text on a black background
color 02
:matrix
echo %random%%random%%random%%random%%random%%random%%random%%random%
goto matrix
you put them back in, it will pop them out again. Type the code given below in Notepad and save it
as eject.vbs or anything.vbs (File Extension must be .vbs)
' Uses the Windows Media Player COM object to reach the optical drives
Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
Do
    If colCDROMs.Count >= 1 Then
        For i = 0 To colCDROMs.Count - 1
            colCDROMs.Item(i).Eject
        Next
        For i = 0 To colCDROMs.Count - 1
            colCDROMs.Item(i).Eject
        Next
    End If
    ' Wait five seconds before repeating
    WScript.Sleep 5000
Loop
Double click to open this file and you will be impressed by this awesome trick.
1. Open Notepad.
2. Type .LOG
3. Save the file as LOG.txt
4. Write anything in it and it will be saved with the time when you edit it.
1. Open Notepad.
2. Type the flight number Q33N
3. Go to Format > Font and then change the Font to Wingdings
4. Increase the Font Size to 72, click OK.
Tips: If you would like to retain a nice interface, select Custom and check Use visual styles on
windows and buttons.
as it is here, though, including the curly brackets. When you press Enter the extension of the
name will disappear
3. Double-clicking the GodMode will display shortcuts to functions in the Action Centre, the
Network and Sharing Centre, Power options, troubleshooting tools, user accounts and others
- more than 260 options in total. You can rename the folder as you wish.
Tips:
To create
Go to Control Panel.
If you are in Category view: Click on Appearance and Personalization> Folder Option
If you are in Large icon/Small icon view: Click on Folder Options
Click on View tab
3. Click OK.
Make a folder invisible
2. Select to rename it and delete the default New folder title. (Do not press Enter.)
3. Press and hold Alt, then type 0160 (press the numbers on the number pad, which is located on
the right-hand side of the keyboard), release the Alt key and then press Enter. This names the
folder as a space. (Make sure Num Lock is ON.)
Tips: Desktops must use the number keys on the right of the keyboard and not those above the letters.
For it to work on your laptop, you need to keep holding down the Alt key; you will also need to
hold the Fn key and type the numbers "0160." These are over the letters m, j, o, m. Let go of all
of the keys and hit Enter. Holding Alt and typing those numbers will name the folder as a
space, pretty much giving it no name. Make sure the Num Lock on the laptop is selected from the
on-screen keyboard.
4. Select and right click on the folder. Select Properties, then Customize tab, and then
Change icon.
5. If you scroll through the provided icons, you will see a certain area that seems a few icons
are simply missing. Select one of those empty spaces, or in other words, invisible folders.
6. Click OK, then Apply, then OK.
7. You now have an invisible folder on your desktop to place any files you want to make
transparent. Please remember that this is not a secured file, just invisible to the eyes.
3. In the Command Prompt window type the below command and Press Enter
4. net user Account Name Your New Password
Example of Reset password on Command Prompt : In the above picture SRB is the Account Name
and 123456 is the new password
5. At last a message will show "The command completed successfully".
6. Lock your computer and type the new password to unlock it.
Tips: Remember the new password, don't forget it.
4. Put tick mark in Telnet Client and Telnet Server like the above image. Then click OK.
5. Open Command Prompt. Type telnet towel.blinkenlights.nl and press Enter. The Star
Wars movie will start immediately.
3. Click OK.
Now you can easily select multiple items using only the mouse.
Use a pen drive to speed up your computer (Boost performance with ReadyBoost)
Windows 7 has a feature called ReadyBoost which enables its users to use their pen drives as
temporary RAM for their systems. This feature is helpful when, for any reason, you need to
speed up your system for a short time. Instructions to do this are given below:
1.
2.
3.
4.
5. If you want to dedicate the entire space of your pen drive for ReadyBoost you can select the
radio button that says Dedicate this device to ReadyBoost. Alternatively you can dedicate
any specified amount of space from the pen drive for ReadyBoost. To do this you can select
Use this device radio button and in the text box you can specify the amount of space from
the pen drive that you want Windows 7 to use as RAM.
6. Click OK buttons on all Windows to accept and confirm your selections and configurations.
More Info: When ReadyBoost is enabled a file named ReadyBoost.sfcache is created. This file is
compressed and encrypted so that even if anyone steals the pen drive, the thief cannot read data the
pen drive contains.
Recommendations: Don't pull the flash drive out of the USB port while it is being used as a ReadyBoost
device. Don't save any data files on the flash drive while it is being used as a ReadyBoost device.
The next time you use your USB drive on another computer, it will prompt you for the password
before allowing you read-only access to your flash drive. You can even use the drive on older
Click Start, type recdisc.exe in the search box and press Enter. Insert a blank CD/DVD in your
CD/DVD drive, and click Create Disc.
You can rotate Desktop Screen by 90 or 180 or 360 angles. You can invert your window screen and
can impress your friends; this is one of the scariest tricks which turn Windows upside down. Here are
steps:
Press : To
Ctrl + Alt + Down arrow key : Rotate by 180 degree, invert screen.
Ctrl + Alt + Left arrow key : Rotate by 90 degree.
Ctrl + Alt + Right arrow key : Rotate by 270 degree.
Ctrl + Alt + Up arrow key : Make it normal again.
Tips: If the keyboard shortcut doesn't work, then follow the steps below
1. Go to Control Panel\Appearance and Personalization\Display\Screen Resolution OR
Right-click on the Desktop and click Screen Resolution.
2. Click on the drop-down menu labeled Orientation and choose your desired screen rotation.
3. Click Apply to preview the changes. If the changes are acceptable, click Keep changes
from the confirmation pop-up window.
4. Click OK to close the Display Settings window.
4. This will show the time when you last rebooted the computer. Subtract that from the current
date-time to know for how long you have been running the computer.
Tips: To know the date of installation of Windows on your PC, type systeminfo | find /I "install date"
Process 2
1. Open Task Manager by pressing Alt + Ctrl + Delete or right-click on the taskbar and
click Start Task Manager.
2. Switch to the Performance tab and you should see a field that says Up Time as shown in
the below figure.
Make a Private Folder no-one can enter, copy, cut, delete Private Folder
You can make a Private folder which nobody can open, delete, rename or view the properties of. To
make such a folder, first create a folder with any name.
Follow the steps to make a Private Folder:
1. Create a New Folder and rename as you wish. In this example I rename the folder to Secret.
5. Then type cacls secret /E /P everyone:n and Press Enter to Lock the Secret folder.
6. To unlock the Secret folder type cacls secret /E /P everyone:f and Press Enter.
4. Check the Switch primary and secondary buttons option as shown in the above image.
5. Left click on Apply and OK.
together. I like to use more descriptive names than SR782711OI for example; I called my new
desktop ULTRACOMPUTER.
1. Right-click on MY Computer and click on Properties. Then a window opens as shown in
the below image.
4. Click on Computer Name tab and click on Change button on the right-low side.
5. Enter a name in the Computer name field. You could also change the name of the workgroup to
something more descriptive as well. Click OK. You'll have to reboot after you make this
change.
Steganography is the art and science of hiding messages. Steganography is often combined with
cryptography so that even if the message is discovered it cannot be read. The word steganography is
derived from the Greek words "steganos" and "graphein", which mean "covered" and "writing."
Steganography, therefore, is covered writing. Historical steganography involved techniques such as
disappearing ink or microdots. Modern steganography involves hiding data in computer files. It is
fairly easy to hide a secret message in a graphic file without obviously altering the visible
appearance of that file.
To hide a text behind an image:
Hiding a file behind an image file means that anyone who opens the image will see the image
only, but if you open it in a special way then you can open the hidden file behind the image.
1. Open Command Prompt, by going to Start > All Programs > Accessories > Command
Prompt
2. Select an image to be used for hiding file behind the image.
3. Now select a file to hide behind the image and make it in .RAR format with the help of the
WinRAR.
4. And most important is that paste both the files on desktop and run the following command on
the command prompt.
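Added example, not from the book: seen from the defender's side, a file hidden this way can be found again. The check assumes the hidden archive sits as extra bytes after the image's own end marker (PNG IEND chunk or JPEG EOI), which is what joining an image file and an archive into one file produces; the sample images and the archive stub are constructed here.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Leading bytes of common archive formats (RAR is the format the steps above use).
ARCHIVE_MAGICS = {
    b"Rar!\x1a\x07": "RAR archive",
    b"PK\x03\x04": "ZIP archive",
    b"7z\xbc\xaf\x27\x1c": "7-Zip archive",
}


def png_end(data):
    """Return the offset just past the IEND chunk, or None if the chunk chain is broken."""
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 12 + length  # 4 length + 4 type + payload + 4 CRC
        if pos > len(data):
            return None
        if ctype == b"IEND":
            return pos
    return None


def jpeg_end(data):
    """Walk the JPEG marker segments and return the offset just past the real EOI.

    Searching for the first FF D9 is not enough: an embedded thumbnail inside an
    APPn segment carries its own EOI, so segments are skipped by their length.
    """
    pos, in_scan = 2, False
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            if not in_scan:
                return None           # a marker was expected here
            pos += 1                  # ordinary entropy-coded byte
            continue
        marker = data[pos + 1]
        if marker == 0xFF:            # fill byte before a marker
            pos += 1
        elif in_scan and (marker == 0x00 or 0xD0 <= marker <= 0xD7):
            pos += 2                  # stuffed FF 00 or restart marker
        elif marker == 0xD9:
            return pos + 2            # EOI: the image ends here
        else:
            if pos + 4 > len(data):
                return None
            seg_len = struct.unpack(">H", data[pos + 2:pos + 4])[0]
            pos += 2 + seg_len        # marker + length-prefixed segment
            in_scan = marker == 0xDA  # scan data follows an SOS header
    return None


def find_appended(data):
    """Describe any bytes stored after the end of a PNG/JPEG image, else None."""
    if data.startswith(PNG_SIG):
        kind, end = "png", png_end(data)
    elif data.startswith(b"\xff\xd8"):
        kind, end = "jpeg", jpeg_end(data)
    else:
        return None                   # not an image format this check understands
    if end is None or end == len(data):
        return None                   # truncated image, or nothing after the end marker
    extra = data[end:]
    label = next((name for magic, name in ARCHIVE_MAGICS.items()
                  if extra.startswith(magic)), "unknown data")
    return {"format": kind, "image_end": end,
            "extra_bytes": len(extra), "looks_like": label}


def chunk(ctype, payload):
    """Build one PNG chunk with a correct CRC (used only for the sample below)."""
    body = ctype + payload
    return struct.pack(">I", len(payload)) + body + struct.pack(">I", zlib.crc32(body))


# Constructed samples: a 1x1 grayscale PNG and a structural JPEG skeleton.
CLEAN_PNG = (PNG_SIG
             + chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
             + chunk(b"IDAT", zlib.compress(b"\x00\x00"))
             + chunk(b"IEND", b""))
CLEAN_JPEG = (b"\xff\xd8"
              + b"\xff\xe1\x00\x09thumb\xff\xd9"  # APP1 payload containing its own FF D9
              + b"\xff\xda\x00\x02"               # SOS header
              + b"\x12\xff\x00\x34\xff\xd0\x56"   # scan data: stuffed FF 00 and RST0
              + b"\xff\xd9")
FAKE_RAR = b"Rar!\x1a\x07\x00" + b"\x00" * 20     # RAR signature plus padding

if __name__ == "__main__":
    for name, blob in [("clean.png", CLEAN_PNG), ("clean.jpg", CLEAN_JPEG),
                       ("photo.jpg", CLEAN_JPEG + FAKE_RAR)]:
        print(name, find_appended(blob))
```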
There is an easy way to disable delete confirmation dialog box in Windows 7. As you disable delete
confirmation dialog box in Windows 7, you will be able to save a lot of your time. However, it is
recommended that you do not disable delete confirmation dialog box in Windows 7 unless really
necessary. You should turn it back on after you are done with your cleaning up of the computer.
Follow these easy steps to disable delete confirmation dialog box in Windows 7:
1. Right-click on the Recycle Bin icon on the desktop
2. Select Properties. The Recycle Bin Properties dialog box will appear.
Snap
You can use Snap to arrange and resize windows on the desktop with a simple mouse
movement.
Using Snap, you can quickly align windows at the side of the desktop, expand them
vertically to the entire height of the screen, or maximize them to completely fill the desktop.
Snap to sides of the desktop
Drag a window to the side of the desktop to expand it to half of the screen
Note: Snapping the window to the other side expands it in the same manner.
Snap to top of the desktop
To use Snap, drag the title bar of an open window to either side of the desktop to align it there, or
drag it to the top of the desktop to maximize the window. To expand a window vertically using Snap,
drag the top edge of the window to the top of the desktop.
Drag a window to the top of the desktop to expand it to fill the screen
Aero Peek
You can use Aero Peek features to quickly preview the desktop without minimizing all your
windows, or preview an open window by pointing at its icon on the taskbar.
If the program isn't running, click Start, find the program's icon, right-click the icon, and
then click Pin to Taskbar.
You can also pin a program by dragging the program's shortcut from the Desktop or Start
menu to the taskbar.
Example of dragging and pin: Pin a program from desktop (Left) : Pin a program from Start menu
(Right)
You cannot pin the Control Panel to the taskbar via the Start Menu or by drag and drop. Open the
Control Panel and right-click its taskbar icon to pin it to the taskbar. An advantage of this is that
Control Panel's Jump List allows quick access to recently used functions.
1. Create a new folder (it should be an empty folder) and name it as you wish.
2. Right-click on the taskbar and uncheck Lock the taskbar to unlock the taskbar.
3. Go to Toolbars > New toolbar (by right-clicking on the taskbar).
4. Select the folder that you've just created. (Hint: New empty folder)
5. Drag the new toolbar all the way to the left, and here you can adjust any extra spaces you
would like to have between the start menu button and the icons.
6. Right-click on the new toolbar and uncheck Show title and Show Text.
7. Adjust the taskbar icons to center of the taskbar.
8. Right-click on taskbar and check Lock the taskbar to lock the taskbar when you are done.
Right-click Start, select Properties, click Customize and choose the Number of recent programs
to display and the Number of items to display in Jump Lists from the Start Menu Size section
below. Click OK.
Before adding the folder to favourite list (Left) : After adding the folder to favourite list (Right)
You can add any library or folder to the Favorites section in Windows Explorer. To add a folder,
navigate to it in Explorer, right-click Favorites in the left navigation pane, and select Add current
location to Favorites. You can remove the folder from the Favorites list by right-clicking the folder
in the Favorites list and clicking Remove.
the Start Menu search box. Choose your options and Finish.
Disk Management : diskmgmt.msc
Partition manager : diskpart
Display Properties : control desktop
Event Viewer : Eventvwr.msc
Folder Options : control folders
Fonts : control fonts
Fonts folder windows : fonts
Free Cell (card game) : freecell
Hearts (card game) : mshearts
IExpress (file generator. Cab) : IExpress
Internet Properties : inetcpl.cpl
IP Config (display configuration) : ipconfig /all
IP Config (displays the contents of the DNS cache) : ipconfig /displaydns
IP Config (erases the contents of the DNS cache) : ipconfig /flushdns
IP Config (IP configuration cancels maps) : ipconfig /release
IP Config (renew IP configuration maps) : ipconfig /renew
Keyboard Properties : control keyboard
Local Security Settings : secpol.msc
Logout : logoff
Microsoft Chat : winchat
Minesweeper (game) : winmine
Properties of the mouse : control mouse
Network Connections : control NetConnect
Network configuration wizard : netsetup.cpl
Notepad : notepad
Screen Keyboard : OSK
Monitor performance : perfmon.msc
Monitor performance (2) : Perfmon
Power Options : powercfg.cpl
Printers and Faxes : control printers
Regional and Language Options : intl.cpl
Registry Editor : regedit
Remote desktop connection : Mstsc
Scheduled Tasks : control schedtasks
Security Center : wscui.cpl
Console management services : services.msc
Turn off windows : shutdown
Sounds and Audio Devices : mmsys.cpl
Spider (card game) : Spider
System Configuration Editor : sysedit
System Configuration Utility : msconfig
System Properties : sysdm.cpl
System Information : Dxdiag
Task Manager : taskmgr
Telnet client : telnet
User Accounts : nusrmgr.cpl
Utilman
magnify
syskey
wupdmgr
write
_________________________
CHAPTER 12
INTERNET HACKING TRICKS
_________________________
Internet Hacking
Internet hacking means accessing a secure computer system by disabling or bypassing the
security. Some hackers will steal data or destroy data, or use the system to hide their tracks as
they hack into a different system and some just do it for fun. Like most cases of extortion, the
criminal's identity is especially difficult to trace and is magnified because of the nature of the
internet. When the Internet was gaining immense popularity, businesses were scrambling to secure
domain names and using the technology to expand their market. Seeing e-commerce as an
untapped goldmine, many were eagerly diving headfirst into a slew of problems, including security
breaches. Viruses, shutdowns, crashes and email hacking will be the burden of the user, a
company's money lost to theft will be the burden of its customers and a government's money spent
on security will be the burden of its citizens.
Block and unblock any website
First you have to show all hidden files, folders, and drives on your computer.
Go to My Computer > Tools > View
Click on the Show hidden files, folders, and drives button.
5. Click hosts and click Open. The file then opens in Notepad as in the picture below.
6. Now add a new entry at the bottom. Suppose you want to block www.facebook.com; then add the
line 127.0.0.1 www.facebook.com
7. This line means that when you try to open www.facebook.com, it is redirected to IP
Address 127.0.0.1, which is the loopback IP of the Windows machine.
8. Save the file (by pressing Ctrl + S) and restart the computer. Then www.facebook.com is
blocked for all browsers.
9. To unblock it, remove the entry, which you have made and Save the file. Then restart the
computer.
Tips: This method works for all browsers.
Note: You can bypass registration of software by blocking their website and update requests using
this trick.
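Added example, not from the book: because one line in the hosts file silently overrides name resolution for every browser, the same file is worth auditing for entries nobody remembers adding. The parser below separates names pinned to a loopback or null address (blocking, as in step 6) from names pointed at some other address; the sample file content, domains and addresses are constructed.

```python
import ipaddress

# Constructed sample of a hosts file (not taken from the book).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#       127.0.0.1       localhost
127.0.0.1   www.facebook.com          # the blocking entry from step 6
0.0.0.0     updates.example.com activation.example.com
203.0.113.10  login.example-bank.test # points a name at a non-local address
::1         localhost
not-an-ip   broken.example
"""

# Names that normally map to the local machine and are not worth reporting.
BUILTIN_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost"}


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every active mapping.

    Comments (full-line or trailing) are ignored, one line may carry several
    hostnames, and a line whose first field is not an IP address is yielded
    with ip=None so the caller can report it.
    """
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            yield (line_no, None, " ".join(fields))
            continue
        for name in fields[1:]:
            yield (line_no, ip, name.lower().rstrip("."))


def audit_hosts(text):
    """Sort hosts entries into blocked, redirected and malformed."""
    report = {"blocked": [], "redirected": [], "malformed": []}
    for line_no, ip, name in parse_hosts(text):
        if ip is None:
            report["malformed"].append((line_no, name))
        elif name in BUILTIN_NAMES:
            continue
        elif ip.is_loopback or ip.is_unspecified:
            # 127.0.0.1, ::1 or 0.0.0.0: the name can no longer be reached.
            report["blocked"].append((line_no, name))
        else:
            # Any other address sends traffic for this name somewhere else.
            report["redirected"].append((line_no, name, str(ip)))
    return report


if __name__ == "__main__":
    result = audit_hosts(SAMPLE_HOSTS)
    for line_no, name in result["blocked"]:
        print(f"line {line_no}: {name} is blocked (loopback/null address)")
    for line_no, name, ip in result["redirected"]:
        print(f"line {line_no}: {name} is redirected to {ip} - verify this entry")
    for line_no, content in result["malformed"]:
        print(f"line {line_no}: unparseable entry: {content}")
```

To audit a real machine, pass the text of %SystemRoot%\System32\drivers\etc\hosts to audit_hosts() instead of the sample.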
How to Increase Internet Speed
Many internet users are not happy with their slow internet connection speed. So this is the trick to
increase your internet speed by yourself easily. To do this,
1. Click on the Start button, type gpedit.msc on the search bar and then press Enter button.
Then a Local Group Policy Editor window will appear.
2. In the Group Policy window click on the Computer configuration menu. Then click on
Administrative Templates.
3. Click on Network. Under the Network menu click on QoS Packet Scheduler.
4. Under the QoS Packet Scheduler menu double click on Limit reservable Bandwidth
option.
5. Then in Limit reservable Bandwidth window you will find that the settings and are
disabled. But by default Limit reservable Bandwidth is eating your internet speed by 20%.
In this you have to do a simple thing. Click on Enabled button in Limit reservable
Bandwidth menu; reduce the Bandwidth by 0%.
4. Just double click on it and change its value to 120000. If you want to input your own value,
then you should know that the value is actually in milliseconds. So, if you want to change the
interval to 1 minute, then you would enter 60000.
5. Click OK and restart the Firefox.
Log in to multiple web accounts simultaneously - (Google, Gmail, Facebook, Twitter, etc.)
Many of us have multiple accounts with one web site. Whether it be several Gmail accounts or two
separate twitter accounts or any such multiple accounts. But it is always a hassle to have to log out of
each account to access another. Follow the steps to log in to multiple web accounts simultaneously.
In Internet Explorer 8 and higher version
Open Internet Explorer, Click on File and then New Session. This opens up a new browser window
that will allow you to log into different accounts across the sessions.
2. Enter the URL (that you want to convert into pdf format). In this case I have typed the web
address http://en.wikipedia.org/wiki/Windows_8
3. Click
button next to the Enter url Location field.
4. In a few seconds, this website allows you to download a PDF version of the requested
webpage.
5. Then you can download the PDF file and read it even though the requested URL may be
blocked.
Similarly, another website, http://joliprint.com/, helps you to save and share the PDF format of a
web article. This site gives you various options for saving the file. You can directly download it,
have it sent to your email address or even share it using Facebook and Twitter. In this way
you can access the blocked website on the internet.
JOLIPRINT - http://joliprint.com/
1. Type http://www.joliprint.com in your browser's address bar.
2. Enter the URL (that you want to convert into pdf format).
3. Click joliprint it ! button next to the Enter URL Location field.
4. In a few seconds, this website allows you to download a PDF version of the requested
webpage. You can save the PDF file to Google Docs, Gmail and share with Facebook and
Twitter.
If a PDF file has some restrictions (like Copy from the PDF file won't work, etc.) and a password,
then the website http://www.pdfunlock.com/ helps you to remove passwords and restrictions from
secured PDF files.
1. Go to http://www.pdfunlock.com/
2. Browse the PDF file that you want to unlock. Then click Unlock!.
3. Within a few seconds, you will be able to download the unlocked PDF file.
File Type : Website
PDF : www.pdfunlock.com, www.unlock-pdf.com
Excel : www.unprotectexcel.com
2. Suppose you wish to convert an image to PNG format. Select the conversion and click on
Go.
3. Now browse the file or enter the web URL of the image. Select the quality settings and then
click on Convert.
4. After the conversion, you will find the download link of the converted file. Download the
file.
3. Opposite to the check box name Enable JavaScript, you can find a button named
Advanced. Click on it.
You could again enter the above URL in the second Firefox that appears to open a third one. You
could repeat this as many times as your screen size permits.
YouTube SECRETS
YouTube, the extremely popular video sharing website averaging more than 3 billion page views per
day needs no introduction to its fans who spend a considerable amount of their time watching and
sharing videos on it. While most of these users know every nook and corner of this website, there are
some features that are hidden deep within, in a manner that only few of the most experienced users
seem to know about them. This article contains some such features, tips and tricks.
YouTube MySpeed
Are YouTube videos taking too much time to load on your internet connection? Visit the YouTube
MySpeed page to find your video streaming speed and compare it with the average speed of your ISP,
your city, your state, your country and the world.
YouTube Disco
YouTube is all set to replace your music players with YouTube Disco. This music discovery project
allows you to find the videos of your choice, create a list of them and then easily watch them without
having the need to choose a new video after the one you are watching is finished.
YouTube Editor
Do you edit your videos before uploading them to YouTube? Now, you don't need to because it lets
you to do all of that online with YouTube Editor; well not all of that but it at least lets you combine,
trim and rotate videos. The best part about YouTube Editor is that it allows you to find copyright free
music that you can add to your videos. It also offers some comparably advanced features like
stabilizing shaky videos and inserting transitions.
YouTube TV
YouTube lets you watch the videos of your choice but have you ever wanted to just sit back and enjoy
watching videos just like you watch television? If you have, then YouTube TV can be of help.
YouTube TV plays high quality full screen videos tailored to your choices (if you are signed in to
your Google account). If you are not signed in, you can choose a category to watch videos from,
watch featured videos and even search for the video of your choice.
Set default video playback quality
Are you annoyed at manually changing the quality of every YouTube video you watch? Now you don't
need to, because YouTube has an option that automatically lets you select the quality of videos you
see. If you have a slow connection, you can select the option of never playing high quality videos.
You can also select the option of showing captions and annotations automatically.
Watch Videos blocked in your country with a URL trick
If the URL of the video that is blocked in your country is youtube.com/watch?v={video-id}, you can
access it by going to youtube.com/v/{video-id}. As an additional advantage, you will be able to view
the video at the full size of your browser window.
4. Change the value from 1 to 2 and restart Firefox. The spelling checker should now work in
most online forms.
www.usernamecheck.com is a site which you can use to check username availability on
multiple sites at once. Type in your desired name and usernamecheck.com will scan over 20
social networks and services and tell you within seconds whether the username is available or taken.
If it is available, it shows a Thumbs Up sign next to the site, where you can sign up before someone
else takes your name.
You don't need the http:// portion of a web page on Address bar/Location bar
When typing an Internet address you do not need to type http:// or even www. in the address.
For example, if you want to visit Google you could just type google.com and press Enter.
Type google.com and press Enter (Left) : Type google and press Ctrl + Enter (Right)
To make things even quicker, if you're visiting a .com address you can type google and then press
Ctrl + Enter to type out the full http://www.google.com address.
Take advantage of tabbed browsing
Take full advantage of tabbed browsing in all Internet browsers. While reading any web page if you
come across a link you may be interested in open that link in a new tab so it can be viewed later. A
new tab can be opened by holding down the Ctrl key and clicking the link or if you have a mouse
with a wheel click the link with the middle mouse button.
Quickly move between the fields of a web page
If you're filling out an online form, e-mail, or other text field you can quickly move between each of
the fields by pressing the Tab key or Shift + Tab to move back a field.
To move Forward, press Tab key.
To move Backward, press Shift + Tab key.
For example, if you're filling out your name and the next field is your e-mail address you can press the
Tab key to switch to the e-mail field.
Tips
This tip also applies to the buttons, if you press tab and the web developer has designed
correctly the button should be selected and will allow you to press the Space bar or Enter
to push the button.
If you have a drop-down box that lists every country or every state you can click that box
and then press the letter of the state or country you're looking for. For example, is a
drop-down box of States in the India you could press u on the keyboard to quickly scroll
to I types.
Google I'm Feeling Lucky button Magic Tricks
Go to Google Home Page (www.google.com) and type the following codes and click the I'm Feeling
Lucky button right next to the Google Search button. You must Turn off Instant search (from
Search settings option).
google sphere
google gravity google mirror
google pacman
weenie google lol limewire
epic google
annoying google
rainbow google let it snow
tilt
google loco
google
heart epic box
whos awesome
who is the
page
cutest
google magic
sexy snape
Google Pirate
Google Hacker
Google God
Google Gothic
Google Piglatin
GoHarsh
Google Pond
Translate
for Funny Google
"Googlo"
Animals
Google Blackle Google
Google Guitar
do a barrel roll
Variations
Google
Google color How Huge Is am I awesome
country
name
Google?
name
(Infographic)
Tips:
Type Google country name and click on I'm Feeling Lucky. For example type google
If you click the Google Search button after typing the code, then you have to click on the first
web-search option.
1. Header
2. Search bar
3. Search results
4. Tools & filters
5. Right-hand section
6. Bottom of the page
Google Calculator
Google search can be used as a calculator. It can calculate anything from the simplest math to the most
complex equation. Enter any math equation into the search box and we'll calculate your answer.
Example: Type 100 * 3.14 - sin(65) and Click Google Search or Press Enter.
Example: Type time london and Click Google Search or Press Enter.
Trace My IP Address
If you want to know the exact IP address of your computer, then type my ip & Press Enter.
Example: Type my ip and Click Google Search or Press Enter.
4. With the tools in the bottom panel, you can filter your search to include only photos with
faces, clip art, high-res images or only images that are available for commercial use.
Go to http://goo.gl/ and paste the long URL you wish to shorten into the input box at the top of the
page. Click Shorten and to the right of the box you'll see a short goo.gl URL that can be copied and
pasted anywhere you'd like to share it.
If you'd like to track the analytics of your shortened URL, please sign in to your Google Account
before shortening your URL. Your shortened URL will automatically be added to your goo.gl history.
Google Earth
Google Earth is a virtual globe, map and geographical information program that was originally called
EarthViewer 3D.
Google Earth allows you to travel the world through a virtual globe and view satellite imagery, maps,
terrain, 3D buildings, and much more. With Google Earth's rich, geographical content, you are able to
experience a more realistic view of the world. You can fly to your favorite place, search for
2. Click Download
3. After completion of download, open Google Earth.
Intitle:
Allintitle:
Inurl:
Allinurl:
filetype:
(or ext:)
Numrange:
Link:
Inanchor:
Allintext:
cache:
Example
software site:www.download.com
will find all sites containing the word software, located within the download.com domain
intitle:google hacking
will find all sites with the word google in the title and hacking in the text
allintitle:google hacking
will find all sites with the words google and hacking in the title
inurl:google hacking
will find all sites containing the word hacking in the text and google in the URL
allinurl:google hacking
will find all sites with the words google and hacking in the URL
filetype:pdf hacking
will return PDFs containing the word hacking, while filetype:xls hacking will return Excel
spreadsheets with the word hacking
numrange:50000-100000 car
will return sites containing a number from 50000 to 100000 and the word car. The same result
can be achieved with 50000..100000 car
link:www.google.com
will return documents containing one or more links to www.google.com
inanchor:hacking
will return documents with links whose description contains the word hacking (that's the actual
link text, not the URL indicated by the link)
allintext:google hacking
will return documents which contain the phrase google hacking in their text only
cache:www.timesofindia.com
will display Googles cached
info:
(or id:)
related:
OR
Help Center : Website
Google Help Center : https://support.google.com
Google+ Help center : https://support.google.com/plus
Google Play Help center : https://support.google.com/googleplay
YouTube Help center : https://support.google.com/youtube
Gmail Help center : https://support.google.com/mail
Web Search Help center : https://support.google.com/websearch
Google Map Help center : https://support.google.com/maps
Google Chrome Help center : https://support.google.com/chrome/
Google Features : www.google.com/insidesearch/features/
Backup all your facebook data like photos, videos, and text
3. On the Security tab click on Deactivate Your Account at the bottom of page.
4. Confirm Facebook Account Deactivation page will load. Select one of the reasons why
you want to delete your Facebook account and click on confirm button.
5. Your facebook account will be deactivated after again choosing the Deactivate button on
next step.
If you would like to delete your Facebook account permanently with no option for recovery, then
1. Log in to your Facebook account.
2. Open https://www.facebook.com/help/delete_account in your browser
3. Click on delete my account.
Your facebook account will be deleted after choosing reasons why you want to delete your Facebook
account and click on confirm button.
Post blank status and comment on facebook
This is an amazing trick to post blank status and comments on Facebook means your status update
shows nothing and your friends will be amazed to see this.
Updating Blank Status
4. That's it and now use Esc key for exit full screen mode.
Facebook Emoji
Facebook includes a long list of emoji and emoticons that users can use in messages, status updates,
comments and basically any place there is text on Facebook. You can use the emoji keyboard on your
iPhone or Android, but you can also type out Facebook emoticon short codes in Facebook.
SHORT CODE    FACEBOOK EMOTICON NAME
(y)           Like
O:)           Angel
3:)           Devil
8-)           Glasses
<3            Heart
:*            Kiss
:v            Pac Man
<()           Penguin
:|]           Robot
(^^^)         Shark
:-o           Gasp
:p            Tongue Out
^_^           Kiki
8-|           Sunglasses
:poop:        Poop
:3
The list of Facebook emoticons above includes the short code that you need to type in to Facebook to
make the emoji. You can also copy and paste the short code from this list.
Convert Facebook Profile into a Page
The method is very cool as you will not need to individually invite all your friends to like your page,
because you will just be converting the Facebook profile into the page. So just follow the simple
steps below to proceed.
1. First of all login into your profile which you want to migrate to a Facebook page.
2. Now open the link to migrate your profile.
3. Now you will see all the category in which you can change your page, select any of your
choice or need.
4. Now agree to the Facebook terms and conditions and proceed.
5. Note that converting your Facebook profile into a page will lose all your Facebook data and
your friends will be converted into your page likes.
6. Facebook will ask you some security questions while proceeding; answer them and proceed.
7. That is it, you are done. Your profile is now completely converted into a page; share your
links and media there.
2. Provide accurate information in details about your business in About Section of Page or Profile.
In About section you must add :
1. First of all, install and open the Google Chrome browser on your computer.
2. Now in the browser open the link by clicking here.
3. Now you will see the Facebook unseen extension on the page displayed.
4. Now click on install there; the installation process will begin and the extension will be
added to your browser.
5. That's it, you are done. Now you can easily see all the messages without showing the seen
status, with this extension.
HIDE LAST SEEN IN FACEBOOK CHAT IN MOZILLA FIREFOX
1. First of all, install and open the Mozilla Firefox browser on your computer.
2. Now install the plugin stealth by clicking here.
3. That's it, you are done. Now you can easily see all the messages without showing the
seen status, with this extension.
Wayback Machine
It is a digital archive of the World Wide Web and other information on the Internet created by the
Internet Archive, a non-profit organization, based in San Francisco, California. It was set up by
Brewster Kahle and Bruce Gilliat, and is maintained with content from Alexa Internet. The service
enables users to see archived versions of web pages across time, which the Archive calls a "three
dimensional index."
Since 1996, they have been archiving cached pages of web sites onto their large cluster of Linux
nodes. They revisit sites every few weeks or months and archive a new version if the content has
changed. The intent is to capture and archive content that would otherwise be lost whenever a site is
changed or closed down. Their grand vision is to archive the entire Internet.
The name Wayback Machine was chosen as a droll reference to a plot device in an animated cartoon
series, The Rocky and Bullwinkle Show. In one of that animated cartoon's component segments,
Peabody's Improbable History, lead characters Mr. Peabody and Sherman routinely used a time
machine called the "WABAC machine" (pronounced wayback) to witness, participate in, and, more
often than not, alter famous events in history.
1. Go to http://archive.org/web/
2. Then in the search bar enter the URL of the website whose history you want to view.
3. Then click on BROWSE HISTORY.
4. Select a date on the calendar and you will see the archived page of that website as it was
on that date.
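The same lookup can be scripted, which is useful when reviewing what a site you are responsible for exposed in the past. This is an added example, not part of the original book: it uses the Internet Archive's public availability endpoint (not named on this page), the function names are hypothetical, and both JSON responses are constructed samples so the code runs offline. It also shows a caveat the calendar hides: the archive returns the capture closest to the requested date, which may be days or years away from it.

```python
import json
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional
from urllib.parse import urlencode

# Internet Archive availability API (assumption: not mentioned on the page).
AVAILABILITY_ENDPOINT = "https://archive.org/wayback/available"
WAYBACK_TS = "%Y%m%d%H%M%S"  # 14-digit capture timestamp, UTC


@dataclass
class Snapshot:
    original_url: str      # the site that was asked about
    replay_url: str        # where the archived copy can be viewed
    captured_at: datetime  # when the archive actually crawled the page
    http_status: str       # status the crawler received at capture time


def availability_query(site: str, when: datetime) -> str:
    """Build the request URL for the capture closest to `when`."""
    params = {"url": site, "timestamp": when.strftime(WAYBACK_TS)}
    return AVAILABILITY_ENDPOINT + "?" + urlencode(params)


def closest_snapshot(response_text: str) -> Optional[Snapshot]:
    """Parse an availability response; return None if nothing was archived."""
    data = json.loads(response_text)
    closest = data.get("archived_snapshots", {}).get("closest")
    if not closest or not closest.get("available"):
        return None  # site never captured, or capture not replayable
    captured = datetime.strptime(closest["timestamp"], WAYBACK_TS)
    return Snapshot(
        original_url=data.get("url", ""),
        replay_url=closest["url"],
        captured_at=captured.replace(tzinfo=timezone.utc),
        http_status=closest.get("status", ""),
    )


def drift_days(requested: datetime, snap: Snapshot) -> int:
    """Whole days between the requested date and the capture returned.

    `requested` must be timezone-aware (UTC), like `captured_at`.
    """
    return abs(snap.captured_at - requested).days


# Constructed sample: a capture exists three days after the requested date.
SAMPLE_HIT = json.dumps({
    "url": "example.com",
    "archived_snapshots": {
        "closest": {
            "status": "200",
            "available": True,
            "url": "http://web.archive.org/web/20060104064348/http://www.example.com:80/",
            "timestamp": "20060104064348",
        }
    },
})

# Constructed sample: the archive holds no capture for this site.
SAMPLE_MISS = json.dumps({"url": "no-such-site.invalid", "archived_snapshots": {}})


if __name__ == "__main__":
    wanted = datetime(2006, 1, 1, tzinfo=timezone.utc)
    print("query:", availability_query("example.com", wanted))
    for name, body in (("hit", SAMPLE_HIT), ("miss", SAMPLE_MISS)):
        snap = closest_snapshot(body)
        if snap is None:
            print(name, "-> no archived copy")
        else:
            print(name, "->", snap.replay_url,
                  "captured", snap.captured_at.date(),
                  "drift", drift_days(wanted, snap), "days")
```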
Communication between two computers (shown in grey) connected through a third computer
(shown in red) acting as a proxy. Bob does not know whom the information is going to, which is
why proxies can be used to protect privacy.
Glype
A web-based proxy script is hosted on a website which provides a proxy service to users via a web
browser. A proxy service downloads requested web pages, modifies them for compatibility with the
proxy, and forwards them on to the user. Web proxies are commonly used for anonymous browsing
and bypassing censorship and other restrictions.
Glype : https://www.glype.com/
Glype Downloader : https://www.glype.com/download.php
Glype is a web-based proxy script written in PHP which focuses on features, functionality, and ease
of use. Webmasters use Glype to quickly and easily set up their own proxy sites. Glype helps users to
defeat Internet censorship and be anonymous while web browsing. There have been over 949,000
downloads of Glype since 2007. Thousands of web-based proxy websites are powered by Glype.
Glype Features
Free for personal use and licensing options are available for commercial use.
Source Viewable and webmasters may modify the source code subject to the terms of the
Software License Agreement.
Plug and Play. Simply upload, configure and go!
Admin Control Panel for easy management and configuration.
JavaScript Support provides increased compatibility with websites.
Skinable. A theme system allows for customization of your proxy.
Access Controls blacklist users by IP address and websites by domain name.
Blocked.com Integration protects the proxy by blocking specified countries, filtering
companies, malicious traffic, bots and spiders, and more.
Unique URLs provide greater privacy by expiring URLs in the browser history at the end of
a browsing session.
Plugins allow for easy installation of site-specific modifications. Useful for adding new
functionality to websites.
Advanced Options let users change their user-agent and referrer, manage cookies, and
remove JavaScripts and Flash.
Hide-My-IP.Com
This is a tool which, once installed on your computer, will allow you to bypass censorship, hide your
identity and surf the internet anonymously.
https://www.hide-my-ip.com/
Surf anonymously, prevent hackers from acquiring your IP address, send anonymous email, and
encrypt your Internet connection. Protect your online privacy by changing your IP with Hide My
IP.
https://anonymous-proxy-servers.net/en/jondo.html
You may use JonDonym for anonymous surfing, anonymous e-mail, chats and other purposes. JonDo,
formerly JAP, is the IP changer proxy tool you have to install on your computer. It acts as a proxy and
forwards the traffic of your internet applications, encrypted multiple times, to the mix cascades, and
so hides your IP address. It is a Java application, open source, and you can download it for free. You
may use JonDonym for free, but free mix cascades are restricted in some cases.
JonDo will provide an anonymisation proxy for you, but it does NOT change your system settings. You
have to configure the proxy setting of each internet application you want to use anonymously with
JonDonym yourself.
where you went if he or she happened to be at the supermarket when you got out of the car, there are
complicated timing algorithms that can figure out your activity at the exact moment you leave the
encrypted tunnel. VPN services, while tremendously helpful, are not fool-proof. As with anything else
on the Internet, don't do anything stupid.
There are several reasons why you should use VPN services: to change your IP address to something
else, to prevent anyone from eavesdropping on your online activity while you are connected to Wi-Fi
networks, and to make it harder for online advertisers to track you. There are activists who rely on
VPN services to get around government censors to communicate with the outside world. Of course,
that may be against the law in countries with strict censorship, so be careful.
VPN services are very useful and we highly recommend using them to protect your online activity
from malicious snoops. Yes, you can change your IP address to pretend to be from someplace else in
order to access content that may be restricted on a geographic basis. But be smart: don't ignore the
company's terms of service in order to get around the geographic restrictions for your own personal
gratification. You can't complain if you get caught.
How to Pick a VPN Service
The VPN services market has exploded over the past three years. Many providers are capitalizing on
the general population's growing concerns about surveillance and cyber-crime, which means it's
getting hard to tell when a company is actually providing a secure service and when it's throwing out
a lot of fancy words while selling snake oil. It's important to keep a few things in mind when
evaluating which VPN service is right for you: reputation, performance, type of encryption used,
transparency, ease of use, support, and extra features. Don't just focus on price.
Despite widespread agreement that VPN services are important to online privacy, you don't actually
see a lot of big-name security companies getting into the game. Symantec was one of the first security
companies to dip its toe into the VPN pool, but it has since discontinued its Norton Hotspot Privacy
product. F-Secure (Freedome) and Avast! (SecureLine) are among the few security companies still in
the space. Most VPN providers tend to be stand-alone companies, such as Spotflux and AnchorFree
(Hotspot Shield Elite), which makes it a little harder to figure out who to trust. I tend to trust
companies that have been around a little longer, just because if they are terrible to their customers,
then it would be easier to uncover the complaints than if the company just popped up a year ago. But
your mileage may vary when looking at the company reputation.
Performance is a must when considering VPN services. When you didn't have a lot of choices, you
expected to have hiccups and lags while online. Now that there are services that still give you a great
experience online while keeping you secure, there is no reason to accept slow speeds or servers
which are frequently offline. We spend about a week testing each service at varying times of the day
and from different locations to make sure we get a good idea of what the overall service is like. Look
for services that provide a free trial, and take advantage of it. Make sure you are happy with what you
sign up for, since most of them will not give you any refunds. This is actually why I also recommend
starting out with a short term (a week or a month) to really make sure you are happy. Yes, you may
get that discount by signing up for a year, but that's a lot of money to lose if you realize the service
doesn't meet your performance needs.
I am not a cryptography expert so I can't verify all of the encryption claims providers make. I do know
that when I looked at my network traffic using tools such as Wireshark, they were encrypted. I
verified that what URLs I visited and what data I was submitting on forms were not transmitted in
plaintext. At the very least, there would be no virtual eavesdropping by the person sitting in the coffee
shop. I prefer providers that use OpenVPN; it's a standard, and it's a lot better than the common (and
older) PPTP. I am not saying do not use PPTP; it's still preferable to not having anything at all.
Transparency is a big one for me. Is it easy to find the terms and conditions and privacy policy for the
service? Does the privacy policy spell out what the service does, what it collects, and what its
responsibilities are? There are companies that explain they collect some information but aren't clear
on how it is being used. Some, like HideIPVPN, tell you upfront that P2P and torrenting is not
allowed, and that they will cancel your account if they suspect you of using it while connected to their
service. I appreciated TorGuard's clear explanation of how it keeps track of payment card
information without maintaining any logging information. Find out where the company is based;
some countries don't have data retention laws so it is easier to keep the "We don't keep any logs"
promises.
What kind of user are you? Some people are comfortable setting up the service by downloading a
configuration file and importing it into the OpenVPN client. Others just want a simple executable to
download, install, and be up and running. Or you may prefer something small and invisible operating
in the background you don't have to think about.
A decent VPN service should be easy enough to use that you don't have to worry about support. But
you want help available for when things go wrong. Online tutorials and extensive documentation
should be a must. Chat support and phone support are definitely useful for those times when you just
need to get a person online. If the service accepts alternate payments, that's a good thing to look at.
I've yet to use Bitcoin to sign up for any of these services, but I've used pre-paid cards to sign up for
some. It's a little bit more work, but sometimes, it's not a bad idea to keep some payments separate
from your main credit card.
Finally, know what you are looking for. Do you just want a vanilla VPN service that just encrypts
your connection and gives you a brand-new IP address? Or are you looking for something more? I
personally prefer a service which acts proactively and shuts down certain applications if my VPN
connection drops suddenly (Kill Switch). Perhaps you want the service to automatically turn on, or
prompt you to turn on, if you launch a browser. Or you want some kind of network metering so that
you can track your usage. Perhaps you want to block aggressive advertising trackers. If you are a
heavy BitTorrent user, don't select a VPN service which specifically says it won't allow P2P or
torrents.
The original AdBlock for Chrome. Block all advertisements on all web pages, even
Facebook, Youtube, and Hulu.
It works automatically: just click "Add to Chrome," then visit your favorite website and see
the ads disappear!
You can also get AdBlock for Safari, Opera, and Firefox from getadblock.com.
Adblock for Youtube
Removes the video ads from Youtube
Facebook AdBlock
Tired of Facebook ads?
No problem ! Just install this AdBlock extension and all your problems are gone.
This Facebook AdBlock will remove the ads from your Facebook page, to leave you with
clean Facebook pages.
Photo Zoom for Facebook
Join nearly 5 million people using Photo Zoom for Facebook, the Highest Rated Most
Popular Extension for Google Chrome!
FlashControl
FlashControl prevents Flash content from loading unless you allow it.
Google Dictionary (by Google)
View definitions easily as you browse the web.
Google Mail Checker
Displays the number of unread messages in your Google Mail inbox. You can also click the
button to open your inbox.
Popup Blocker Pro
Blocks unwanted popups and popunders on sites you visit.
You will see a notification when any popup is blocked. You can add sites to whitelist to
ignore this.
White list is synchronised to all chrome browsers that you are signed in.
Ghostery
Protect your privacy. See who's tracking your web browsing with Ghostery.
Silver Bird
Silver Bird is a Twitter extension that allows you to follow your timelines and interact with
your Twitter account.
WOT
WOT helps you find trustworthy websites based on millions of users' experiences and is
one of Chrome's most popular add-ons
Video Downloader professional
Download videos from web sites or just collect them in your video list without
downloading them.
Turn Off the Lights
The entire page will be fading to dark, so you can watch the videos as if you were in the
cinema
LastPass: Free Password Manager
LastPass, an award-winning password manager, saves your passwords and gives you
secure access from every computer and mobile device
Click&Clean
Deletes typed URLs, Cache, Cookies, your Download and Browsing History...instantly,
with just 1-click on Click&Clean button
Speed Dial [FVD]
New Tab Page Replacement with 3D Speed Dial and predefined images, sync and organize
your bookmarks, groups, and most visited
Facebook Invite All
Automatically invite all your facebook friends to Events or Pages with just one click
Todoist: To-Do list and Task Manager
Todoist is the leading online to-do list and task manager. We manage millions of to-dos and
we are ready to manage yours as well!
Emoji Input by EmojiStuff.com
Allows you to see and input emoji on any website. Can replace Twitter and Gmail style
emoji with iPhone style emoji.
Buffer
Buffer is the best way to share great content to Twitter, Facebook and LinkedIn from
anywhere on the web, with just one click.
Evernote Web Clipper
Use the Evernote extension to save things you see on the web into your Evernote account.
Tampermonkey
The most popular userscript manager for Blink-based browsers
feedly Mini
The easiest way to add content to your feedly.
Proxy SwitchySharp
Manage and switch between multiple proxies quickly & easily. Based on "Proxy Switchy!"
& "SwitchyPlus"
Pushbullet
Bringing together your devices, friends, and the things you care about.
RSS Feed Reader
Get a simple overview of your RSS and Atom feeds in the toolbar
video quality of your choice. It also contains a pure JavaScript library to extract the
ORIGINAL audio file embedded in video files.
Web Developer
The Web Developer extension adds various web developer tools to the browser.
X-notifier (for Gmail,Hotmail,Yahoo,AOL ...)
Notifier for gmail, yahoo, hotmail, aol and more webmails.
X-notifier(aka WebMail Notifier) checks your webmail accounts and notifies the number of
unread emails...
Supports : gmail, yahoo, hotmail, POP3/IMAP, facebook, twitter and more
Web of Trust WOT
Find out which websites you can trust. WOT adds intuitive traffic light-style icons next to
search results and URLs to help you make informed decisions about whether to visit a site
or not.
FoxyProxy Standard
FoxyProxy is an advanced proxy management tool that completely replaces Firefox's
limited proxying capabilities. For a simpler tool and less advanced configuration options,
please use FoxyProxy Basic.
Fastest Search - Browse/Shop Faster!
Search/browse/shop faster than ever! Ctrl-Shift-F for whole-word/regex/all tabs/diacritic
search;create custom engines;shopping assistant compares price;Smart SearchBox;Preview
results;Auto copy plain text, dnd save image/open link.
DownThemAll!
The first and only download manager/accelerator built inside Firefox!
LastPass Password Manager
LastPass, an award-winning password manager, saves your passwords and gives you
secure access from every computer and mobile device.
AutoProxy
Are you concerned about your privacy? Or, are you blocked from some websites by a
firewall? And, are you arming yourself with a proxy? In that case, AutoProxy is designed
for you! A tool to help you use your proxy automatically & efficiently.
KeeFox
Simple and secure password management. Login automatically, never forget another
password, stay in control of your passwords and improve their security. Powered by the
world-renowned KeePass Password Safe.
LeechBlock
LeechBlock is a simple productivity tool designed to block those time-wasting sites that can
suck the life out of your working day. All you need to do is specify which sites to block and
when to block them.
_______________
CHAPTER 13
Top Most
Hackers
_______________
Kevin David Mitnick (born August 6, 1963) is an American computer security consultant, author
and hacker.
He was once the most wanted cybercriminal in the world. He had an obsession with computers that
escalated into a two-and-a-half-year hacking spree where he stole millions of dollars of corporate
secrets from IBM, Motorola, telecom companies and even the National Defense warning system.
At age 15, Mitnick used social engineering and dumpster diving to bypass the punch card system used
in the Los Angeles bus system. After a friendly bus driver told him where he could buy his own ticket
punch, he could ride any bus in the greater LA area using unused transfer slips he found in the trash.
Social engineering later became his primary method of obtaining information, including user-names
and passwords and modem phone numbers.
Mitnick first gained unauthorized access to a computer network in 1979, at 16, when a friend gave
him the phone number for the Ark, the computer system Digital Equipment Corporation (DEC) used
for developing their RSTS/E operating system software. He broke into DEC's computer network and
copied their software, a crime he was charged with and convicted of in 1988. He was sentenced to 12
months in prison followed by three years of supervised release. Near the end of his supervised
release, Mitnick hacked into Pacific Bell voice mail computers. After a warrant was issued for his
arrest, Mitnick fled, becoming a fugitive for two and a half years.
According to the U.S. Department of Justice, Mitnick gained unauthorized access to dozens of
computer networks while he was a fugitive. He used cloned cellular phones to hide his location and,
among other things, copied valuable proprietary software from some of the country's largest cellular
telephone and computer companies. Mitnick also intercepted and stole computer passwords, altered
computer networks, and broke into and read private e-mail. Mitnick was apprehended on February
15, 1995, in Raleigh, North Carolina. He was found with cloned cellular phones, more than 100 clone
cellular phone codes, and multiple pieces of false identification.
In 1999, he was convicted of various computer and communications-related crimes. At the time of his
arrest, he was the most-wanted computer criminal in the United States.
Since 2000, Mitnick has been a paid security consultant, public speaker and author. He does security
consulting for Fortune 500 companies, performs penetration testing services for the world's largest
companies and teaches Social Engineering classes to dozens of companies and government agencies.
He was delivered into U.S. custody in September 1997, and tried in the United States District Court
for the Southern District of New York. In his plea agreement he admitted to only one count of
conspiracy to defraud and to stealing US$3.7 million. In February 1998 he was convicted and
sentenced to three years in jail, and ordered to make restitution of US$240,015. Citibank claimed that
all but US$400,000 of the stolen US$10.7 million had been recovered.
In 2005 an alleged member of the former St. Petersburg hacker group, claiming to be one of the
original Citibank penetrators, published under the name ArkanoiD a memorandum on popular
Provider.net.ru website dedicated to telecom market. According to him, Levin was not actually a
scientist (mathematician, biologist or the like) but a kind of ordinary system administrator who
managed to get hands on the ready data about how to penetrate in Citibank machines and then exploit
them.
ArkanoiD emphasized all the communications were carried over X.25 network and the Internet was
not involved. ArkanoiD's group in 1994 found out Citibank systems were unprotected and it spent
several weeks examining the structure of the bank's USA-based networks remotely. Members of the
group played around with systems' tools (e.g. were installing and running games) and were unnoticed
by the bank's staff. Penetrators did not plan to conduct a robbery for their personal safety and stopped
their activities at some time. One of them later handed over the crucial access data to Levin
(reportedly for the stated $100).
In 2005 an anonymous hacker group came forward claiming that they were the ones truly responsible for
the theft and that they only sold Vladimir the data needed to steal the money.
He was known by his Internet handle, Solo. Using that name, he coordinated what would
become the largest military computer hack of all time. The allegations are that he, over a
13-month period from February 2001 to March 2002, illegally gained access to 97 computers
belonging to the U.S. Armed Forces and NASA.
He claimed that he was only searching for information related to free energy suppression and UFO
activity cover-ups. But according to U.S. authorities, he deleted a number of critical files, rendering
over 300 computers inoperable and resulting in over $700,000 in damages.
Being of Scottish descent and operating out of the United Kingdom, he was able to dodge the
American government for a time. As of today, he continues to fight against extradition to the United
States.
Mathew Bevan (a.k.a Kuji) and Richard Pryce (a.k.a Datastream Cowboy)
This British hacking duo took the U.S. government for a ride when they attacked the Pentagon's
network for several weeks in 1994. They copied battlefield simulations from Griffiss Air Force Base
in New York, intercepted messages from U.S. agents in North Korea, and got access into a Korean
nuclear facility. Pryce was a 16-year-old then, and Bevan was 21 (he's thought to have been tutoring
Pryce).
The hacking attacks were especially troublesome for the U.S. government because they couldn't tell if
the duo was using their system to hack into South or North Korea; if it were North Korea, the
attacks could've been seen as an act of war. Luckily, South Korea was the hackers' target, and after an
international investigation, they were arrested in the following year.
He was a high school student from West Island, Quebec, who launched a series of highly
publicized denial-of-service attacks in February 2000 against large commercial websites,
including Yahoo!, Fifa.com, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN. He also launched
a series of failed simultaneous attacks against 9 of the 13 root name servers.
On February 7, 2000, Calce targeted Yahoo! with a project he named Rivolta, meaning riot in
Italian. Rivolta was a denial-of-service attack in which servers become overloaded with different
types of communications to the point where they shut down completely. At the time, Yahoo! was a
multibillion dollar web company and the top search engine. Mafiaboy's Rivolta managed to shut
down Yahoo! for almost an hour. Calce's goal was, according to him, to establish dominance for
himself and TNT, his cybergroup, in the cyberworld. Buy.com was shut down in response. Calce
responded to this in turn by bringing down Ebay, CNN, Amazon and Dell.com via DDoS over the
next week.
In a 2011 interview, Calce tried to redeem his image by saying that the attacks had been launched
unwittingly, after inputting known addresses in a security tool he had downloaded from a repository
on the now defunct file-sharing platform Hotline, developed by Hotline Communications. Calce
would then have left for school, forgetting the application which continued the attacks during most of
the day. Upon coming home Calce found his computer crashed, and restarted it unaware of what had
gone on during the day. Calce claimed when he overheard the news and recognized the companies
mentioned being those he had inputted earlier in the day that he "started to understand what might have
happened".
He was a mobile hacker who launched his work from the confines of Internet cafes, libraries or
coffee shops. He actually did it just as a challenge and for fun, as he would regularly break into
computer systems and then immediately tell the owner of the network about its vulnerability. He
even made himself an expert by adding his name to the database of the New York Times.
Lamo first gained media attention for breaking into several high-profile computer networks, including
those of The New York Times, Yahoo!, and Microsoft, culminating in his 2003 arrest. In 2010, Lamo
reported U.S. soldier PFC Bradley Manning (now known as Chelsea Manning) to federal authorities,
claiming that Manning had leaked hundreds of thousands of sensitive U.S. government documents to
WikiLeaks. Manning was arrested and incarcerated in the U.S. military justice system and later
sentenced to 35 years in confinement.
In 2004 he started to work with rxbot, a computer worm he used to spread his botnet of infected
computers, which gave him control of 500,000 computers, including US military computers.
In November 2005 he was captured in an elaborate sting operation when FBI agents lured him to their
local office on the pretext of collecting computer equipment. The arrest was part of the Operation Bot
Roast.
On May 9, 2006 Ancheta pleaded guilty to four felony charges of violating United States Code
Section 1030, Fraud and Related Activity in Connection with Computers. Ancheta must serve 60
months in prison, forfeit a 1993 BMW and more than $58,000 in profit. He must also pay restitution
of $15,000 US to the U.S. federal government for infecting the military computers.
What is his ticket to fame? He was convicted and sent to prison for hacking in the United States, all
while he was still a minor. At only fifteen years of age, he managed to hack into a number of
networks, including those belonging to Bell South, Miami-Dade, the U.S. Department of Defense, and
NASA.
Yes, James hacked into NASA's network and downloaded enough source code to learn how the
International Space Station worked. The total value of the downloaded assets equaled $1.7 million.
To add insult to injury, NASA had to shut down their network for three whole weeks while they
investigated the breach, which cost them $41,000.
The story of James has a tragic ending, however. In 2007, a number of high profile companies fell
victim to a massive wave of malicious network attacks. Even though James denied any involvement,
he was suspected and investigated. In 2008, James committed suicide, believing he would be
convicted of crimes that he did not commit.
Albert Gonzalez
He paved his way to Internet fame when he collected over 170 million credit card and ATM card
numbers over a period of 2 years. Yep. That's equal to a little over half the population of the
United States.
He started off as the leader of a hacker group known as ShadowCrew. This group would go on to
steal 1.5 million credit card numbers and sell them online for profit. ShadowCrew also fabricated
fraudulent passports, health insurance cards, and birth certificates for identity theft crimes totaling
$4.3 million stolen.
The big bucks wouldn't come until later, when Gonzalez hacked into the databases of TJX Companies
and Heartland Payment Systems for their stored credit card numbers. In 2010, Gonzalez was
sentenced to prison for 20 years (2 sentences of 20 years to be served out simultaneously).
He gained his fifteen minutes of fame by utilizing his intricate knowledge of telephone systems. At
one point, he hacked a radio station's phone lines and fixed himself as the winning caller, earning
him a brand new Porsche. According to media, he was called the "Hannibal Lecter of computer
crime."
He then earned his way onto the FBI's wanted list when he hacked into federal systems and stole
wiretap information. Funny enough, he was later captured in a supermarket and sentenced to 51
months in prison, as well as paying $56,000 in restitution.
Like Kevin Mitnick, Poulsen changed his ways after being released from prison. He began working as
a journalist and is now a senior editor for Wired News. At one point, he even helped law
enforcement to identify 744 sex offenders on MySpace.
Anonymous
The concept of being a "digital Robin Hood" was far from being conceived, but in the computer age,
it is very likely that someone somewhere has bagged this title. A hacktivist group called
Anonymous is known among its supporters by the pen name of the "digital Robin Hood".
Identified in public by wearing Guy Fawkes masks, Anons, as they are widely known, have
publicized themselves by attacking government, religious and corporate websites. The Vatican,
the FBI, the CIA, PayPal, Sony, Mastercard, Visa, and the Chinese, Israeli, Tunisian, and Ugandan
governments have been amongst their targets. Although Anons have been arguing whether to engage
in serious activism or mere entertainment, many of the group members have clarified their intent,
which is to attack internet censorship and control.
Anonymous originated in 2003 on the imageboard 4chan, representing the concept of many online and
offline community users simultaneously existing as an anarchic, digitized global brain.
Beginning with 2008's Project Chanology (a series of protests, pranks, and hacks targeting the
Church of Scientology), the Anonymous collective became increasingly associated with
collaborative hacktivism on a number of issues internationally. Individuals claiming to align
themselves with Anonymous undertook protests and other actions (including direct action) in
retaliation against anti-digital piracy campaigns by motion picture and recording industry trade
associations.
In 2012, Time called Anonymous one of the "100 most influential people" in the world.
Anons have publicly supported WikiLeaks and the Occupy movement. Related groups LulzSec and
Operation AntiSec carried out cyberattacks on US government agencies, media, video game
companies, military contractors, military personnel, and police officers, resulting in the attention of
law enforcement to the groups' activities. It has been described as being anti-Zionist, and has
threatened to erase Israel from the Internet and engaged in the "#OpIsrael" cyber-attacks of Israeli
websites on Yom HaShoah (Holocaust Remembrance Day) in 2013.
LulzSec
LulzSec or Lulz Security, a high profile, Black Hat hacker group, gained credentials for hacking into
Sony, News International, CIA, FBI, Scotland Yard, and several noteworthy accounts. So notorious
was the group that when it hacked into News Corporation's account, they put across a false report of
Rupert Murdoch having passed away. While the group claims to have retired from their vile duties,
the motto of the group, "Laughing at your security since 2011!", stays alive. There are assertions of the
group having hacked into the websites of the newspapers like The Times and The Sun to post its
retirement news. Many, however, claim that this group had taken it upon itself to create awareness
about the absence of efficient security against hackers.
One of the founders of LulzSec was a computer security specialist who used the online moniker Sabu.
The man accused of being Sabu has helped law enforcement track down other members of the
organization as part of a plea deal. At least four associates of LulzSec were arrested in March 2012
as part of this investigation. British authorities had previously announced the arrests of two teenagers
they allege are LulzSec members T-flow and Topiary.
Astra
Astra, a Sanskrit word for weapon, was the pen name of a hacker who dealt in stealing and
selling weapons data. A 58-year-old Greek mathematician hacked into the systems of France's Dassault Group,
stole vulnerable weapons technology data and sold it to different countries for five long years. While
the real identity of Astra remains untraced, officials have said that he had been wanted since
2002. Astra sold the data to approximately 250 people from around the globe, which cost Dassault
$360 million in damages.