
ETHICAL HACKING
Presented By -
Aditya Prakash Gupta
CS-A
0806810003

Ethical Hacking - ?
Why - Ethical Hacking ?
Ethical Hacking - Process
Ethical Hacking - Commandments
Reporting

Ethical Hacking
Ethical - Conforming to accepted professional standards of conduct
What is Ethical Hacking?
Hacking - Process of breaking into systems for:
- Personal or Commercial Gains
- Malicious intent - Causing severe damage to Information & Assets
Also Called - Attack & Penetration Testing, White-hat hacking, Red teaming
White-hat - Good Guys
Black-hat - Bad guys

Ethical Hacking
• It is Legal
• Permission is obtained from the target
• Part of an overall security program
• Identify vulnerabilities visible from the Internet at a particular point of time
• Ethical hackers possess the same skills, mindset and tools as a hacker, but the attacks are done in a non-destructive manner

Ethical Hacking
• Independent computer security professionals breaking into the computer systems
• Neither damage the target systems nor steal information
• Evaluate target systems' security and report back to owners about the vulnerabilities found

Certified Ethical Hacker
Ethical Hacker, but not a Criminal Hacker
• Completely trustworthy
• Strong programming and computer networking skills
• Learn about the system and try to find its weaknesses
• Techniques of criminal hackers - Detection - Prevention
• Published research papers or released security software
• No ex-hackers

Why Ethical Hacking?
Defacement Statistics for Indian Websites
June 01, 2004 to Dec. 31, 2004 (published January 2005)

Domain     No. of Defacements
.com       922
.gov.in    24
.org       53
.net       39
.biz       12
.co.in     48
.ac.in     13
.info      3
.nic.in    2
.edu       2
other      13
Total      1131

Why Ethical Hacking?
[Chart: Total Number of Incidents - the chart itself did not survive extraction]

Why Ethical Hacking?
Threats:
- Viruses, Trojan Horses, and Worms
- Social Engineering
- Automated Attacks
- Accidental Breaches in Security
- Denial of Service (DoS)
- Organizational Attacks
Protection from possible External Attacks

Ethical Hacking - Process
1. Preparation
2. Footprinting
3. Enumeration & Fingerprinting
4. Identification of vulnerabilities
5. Attack - Exploit the vulnerabilities

Preparation
- Identification of Targets - company websites, mail servers, extranets, etc.
- Signing of Contract
  - Agreement on protection against any legal issues
  - Contracts to clearly specify the limits and dangers of the test
  - Specifics on Denial of Service Tests, Social Engineering, etc.
  - Time window for Attacks
  - Total time for the testing
  - Prior knowledge of the systems
  - Key people who are made aware of the testing
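The contract limits listed in the preparation step (agreed targets, time window, excluded test types) are only useful if they are checked before any test traffic is sent. The following is an added example, not part of the original slides: it encodes a set of rules of engagement and refuses any planned action that falls outside them. The dictionary layout, the function name `in_scope` and all sample values are assumptions constructed for this example; the addresses are RFC 5737 documentation ranges.

```python
# Added example, not from the original slides: enforce the signed contract's
# limits (targets, time window, excluded test types) before testing anything.
# The structure and the sample values below are constructed for this example.
import ipaddress
from datetime import datetime

# Constructed rules of engagement; addresses are RFC 5737 documentation ranges.
RULES_OF_ENGAGEMENT = {
    "targets": ["203.0.113.0/24", "198.51.100.10"],
    "window": ("2024-03-01T22:00:00+00:00", "2024-03-02T06:00:00+00:00"),
    "excluded_tests": {"denial_of_service", "social_engineering"},
}


def in_scope(target, when, test_type, roe=RULES_OF_ENGAGEMENT):
    """Return (allowed, reason) for one planned action.

    target    - IPv4/IPv6 address the action would touch
    when      - ISO 8601 timestamp with offset, e.g. "2024-03-01T23:15:00+00:00"
    test_type - category of the action, matched against the excluded set
    """
    addr = ipaddress.ip_address(target)
    if not any(addr in ipaddress.ip_network(n, strict=False) for n in roe["targets"]):
        return False, f"{target} is not in the contracted target list"
    start = datetime.fromisoformat(roe["window"][0])
    end = datetime.fromisoformat(roe["window"][1])
    planned = datetime.fromisoformat(when)
    if not (start <= planned <= end):
        return False, f"{when} is outside the agreed time window"
    if test_type in roe["excluded_tests"]:
        return False, f"{test_type} tests are excluded by the contract"
    return True, "within scope"


if __name__ == "__main__":
    for args in [("203.0.113.7", "2024-03-01T23:15:00+00:00", "port_scan"),
                 ("192.0.2.1", "2024-03-01T23:15:00+00:00", "port_scan"),
                 ("203.0.113.7", "2024-03-01T12:00:00+00:00", "port_scan"),
                 ("203.0.113.7", "2024-03-01T23:15:00+00:00", "denial_of_service")]:
        print(args, "->", in_scope(*args))
```

Every check returns the reason for a refusal so it can be logged alongside the test record; that log is part of the evidence that the engagement stayed within the contract, which matters as much to the client as the findings.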

Footprinting
- Collecting as much information about the target
  - DNS Servers
  - IP Ranges
  - Administrative Contacts
  - Problems revealed by administrators
- Information Sources
  - Search Engine
  - Forums
  - Databases

Enumeration & Fingerprinting
• Specific targets determined
• Identification of Services / open ports
• Operating System Enumeration
Methods
- Banner grabbing
- Responses to various protocol (ICMP, TCP) commands
- Port / Service Scans - TCP Connect, TCP SYN, TCP FIN, etc.
Tools
• nmap, FScan, Hping, Firewall, netcat, tcpdump, ssh, telnet, SNMP Scanner
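The port and service scans listed above are also what the target's own monitoring should be able to see. As an added example that is not part of the original slides, the following detector reads firewall log lines and flags any source that touches many distinct destination ports within a short sliding window, the signature of a TCP connect or SYN sweep. The log format, the function names and the sample lines are constructed for this example.

```python
# Added example, not from the original slides: a defender-side check that
# spots the TCP connect / SYN scan behaviour named above in firewall logs.
# The log format, the function names and the sample lines are constructed
# for this example.
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed log format: "<ISO time> <action> src=<ip> dst=<ip> dport=<n> proto=<p>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>\w+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) proto=(?P<proto>\w+)$"
)


def parse_line(line):
    """Return a dict for one log line, or None if it does not match the format."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    event = m.groupdict()
    event["ts"] = datetime.fromisoformat(event["ts"].replace("Z", "+00:00"))
    event["dport"] = int(event["dport"])
    return event


def detect_port_scans(lines, window_seconds=60, min_distinct_ports=10):
    """Map source IP -> peak number of distinct destination ports it touched
    within any sliding window of window_seconds, for sources at or above
    min_distinct_ports. Unparseable lines are skipped."""
    events = [e for e in (parse_line(line) for line in lines) if e]
    events.sort(key=lambda e: e["ts"])
    by_src = defaultdict(list)
    for e in events:
        by_src[e["src"]].append(e)

    alerts = {}
    span = timedelta(seconds=window_seconds)
    for src, evs in by_src.items():
        window = deque()               # events inside the current time window
        port_hits = defaultdict(int)   # dport -> occurrences inside the window
        for e in evs:
            window.append(e)
            port_hits[e["dport"]] += 1
            while e["ts"] - window[0]["ts"] > span:   # evict expired events
                old = window.popleft()
                port_hits[old["dport"]] -= 1
                if port_hits[old["dport"]] == 0:
                    del port_hits[old["dport"]]
            if len(port_hits) >= min_distinct_ports:
                alerts[src] = max(alerts.get(src, 0), len(port_hits))
    return alerts


# Constructed sample: one host probes 12 ports in 22 seconds, another host
# makes ordinary repeated connections to two ports, plus one malformed line.
SAMPLE_LOG = [
    f"2024-03-01T23:00:{2 * i:02d}Z DENY src=198.51.100.77 dst=203.0.113.10 dport={p} proto=tcp"
    for i, p in enumerate([21, 22, 23, 25, 53, 80, 110, 135, 139, 143, 443, 445])
] + [
    f"2024-03-01T23:00:{5 * i:02d}Z ALLOW src=192.0.2.50 dst=203.0.113.10 dport={p} proto=tcp"
    for i, p in enumerate([443, 80, 443, 443, 80, 443])
] + ["this line is not in the expected format"]


if __name__ == "__main__":
    print(detect_port_scans(SAMPLE_LOG))   # {'198.51.100.77': 12}
```

Counting distinct ports rather than raw connection attempts is what separates a sweep from a busy but legitimate client: the second host in the sample makes six connections yet only ever reaches two ports, so it never trips the threshold. Tune `window_seconds` and `min_distinct_ports` against normal traffic before relying on it; the numbers here are only defaults for the constructed sample.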

Identification of vulnerabilities
Vulnerabilities
• Insecure Configuration
• Weak passwords
• Unpatched vulnerabilities in services, Operating systems, applications
• Possible vulnerabilities in Services, Operating Systems
• Insecure programming
• Weak Access Control

Identification of vulnerabilities
Methods
• Unpatched / Possible vulnerabilities - Tools, Vulnerability information Websites
• Weak Passwords - Default Passwords, Brute force, Social Engineering, Listening to Traffic
• Insecure Programming - SQL Injection, Listening to Traffic
• Weak Access Control - Using the Application Logic, SQL Injection
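The "Insecure Programming - SQL Injection" item above is easiest to understand as a pair of lookups: one that builds the SQL text from user input and one that passes the input as a parameter. The following is an added example, not part of the original slides; it uses an in-memory SQLite database with constructed rows, and the table and function names are assumptions.

```python
# Added example, not from the original slides: the "Insecure Programming -
# SQL Injection" item above shown as a lookup that builds SQL from user input
# beside the hardened, parameterized version. Uses an in-memory SQLite
# database with constructed rows; the table and function names are assumptions.
import sqlite3


def make_db():
    """Constructed sample data: three accounts, one of them privileged."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn


def lookup_vulnerable(conn, username):
    """Insecure: the input is spliced into the SQL text, so quote characters
    in it change the query's structure instead of being treated as data."""
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    """Hardened: the driver sends the value separately from the statement, so
    the input can only ever be compared as a string."""
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


def compare(username):
    """Run both lookups on the same input and return (vulnerable_rows, safe_rows)."""
    conn = make_db()
    try:
        return lookup_vulnerable(conn, username), lookup_parameterized(conn, username)
    finally:
        conn.close()


if __name__ == "__main__":
    print(compare("alice"))          # both return [('alice', 'admin')]
    print(compare("' OR '1'='1"))    # vulnerable returns every row, safe returns []
```

The same input that returns a single row from both functions returns the whole table from the concatenated version, because the quote in it closes the string literal early. In code review, the pattern to look for is any query assembled with string concatenation or formatting from request data; the parameterized form is the fix, not input filtering.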

Attack - Exploit the vulnerabilities
- Obtain as much information (trophies) from the Target Asset
- Gaining normal Access
- Escalation of privileges
- Obtaining access to other connected systems
- Last Ditch Effort - Denial of Service

Attack - Exploit the vulnerabilities
Network Infrastructure Attacks
- Connecting to the network through modem
- Weaknesses in TCP/IP, NetBIOS
- Flooding the network to cause DoS
Operating System Attacks
- Attacking Authentication Systems
- Exploiting Protocol Implementations
- Exploiting Insecure configuration
- Breaking File-System Security

Attack - Exploit the vulnerabilities
Application Specific Attacks
• Exploiting implementations of HTTP, SMTP protocols
• Gaining access to application Databases
• SQL Injection
• Spamming

Attack - Exploit the vulnerabilities
Exploits
- Free exploits from Hacker Websites
- Customised free exploits
- Internally Developed
- Tools - Nessus, Metasploit Framework

Get out of Jail free card
• Security evaluation plan
  1. Identify system to be tested
  2. How to test?
  3. Limitations on that testing
• Evaluation done under a "no-holds-barred" approach
• Clients should be aware of risks
• Limit prior knowledge of test

Reporting
• Methodology
• Exploited Conditions & vulnerabilities that could not be exploited
• Proof for Exploits - Trophies
• Practical Security solutions

Ethical Hacking Commandments
• Working Ethically
• Trustworthiness
• Misuse for personal gain
• Respecting Privacy
• Not Crashing the Systems
