ARYA INSTITUTE OF
ENGINEERING TECHNOLOGY &
MANAGEMENT
OMAXE CITY, JAIPUR
DEPARTMENT OF COMPUTER SCIENCE ENGINEERING
Session 2016-2020
A SEMINAR REPORT
Submitted in partial fulfillment of requirement for the degree of
BACHELOR OF TECHNOLOGY
RAJASTHAN TECHNICAL UNIVERSITY, KOTA (RAJASTHAN)
“ETHICAL HACKING”
Submitted to: Mr. Arpit Kumar Sharma, Assistant Professor, C.S.E. Department
Submitted by: Rakesh Kumar, B.Tech (VII Sem), 16EAOCS033
DEPARTMENT OF COMPUTER SCIENCE ENGINEERING
CERTIFICATE
I have taken efforts in this project. However, it would not have been possible without the
kind support and help of many individuals and organizations. I would like to extend my sincere
thanks to all of them.
I wish to extend my sincere gratitude to my seminar guides, Mr. Arpit Kumar Sharma
and Miss Poonam Chaturvedi, Department of Computer Science Engineering, for their valuable
guidance, encouragement and constant supervision as well as for providing necessary
information regarding the project & for their support in completing the project.
I am also grateful to my parents and friends for their timely aid without which I would
not have finished my seminar successfully. I extend my thanks to all my well-wishers and all
those who have contributed directly and indirectly for the completion of this work.
Last but not the least, I thank God Almighty for his blessings without which the
completion of this seminar would not have been possible.
Thanking You
Rakesh Kumar
CONTENT
8. Conclusion
9. References
ABSTRACT
Cyber security is one of the biggest threats as well as opportunities in the contemporary
world. The exponential rise in the volume, veracity, and variety of cyber-crime cases has to be
matched with a significant increase in cyber security professionals. The biggest problem of the
industry is the lack of an efficient workforce. The ever-increasing attacks on technology and the
lack of skilled resources make IT security one of the highest paying jobs in the world.
Today more and more software is being developed and people are getting more and more
options in their present software. However, many are not aware that they are being hacked
without their knowledge. One reaction to this state of affairs is a behavior termed “Ethical
Hacking”, which attempts to proactively increase security protection by identifying and patching
known security vulnerabilities on systems owned by other parties. A good ethical hacker should
know the methodology chosen by the hacker, such as reconnaissance, host or target scanning,
gaining access, maintaining access and clearing tracks. For ethical hacking, we should know
about the various tools and methods that can be used by a black hat hacker, apart from the
methodology used by him. From the point of view of the user, one should know at least some of
these, because some hackers make use of those who are not aware of the various hacking methods
to hack into a system. From the point of view of the developer, he should also be aware of
these, since he should be able to close holes in his software even against the usage of the
various tools. With the advent of new tools, the hackers may devise new tactics, but at
least the software will be resistant to some of the tools.
Chapter - 1
INTRODUCTION
With the increase in the number of internet users and the development of a vast cyberspace comes
the need to secure the information systems.
Cybersecurity is the protection of the users of technology from cybercrime, emotional and
mental harassment, financial extortion and social exploitation. Cybersecurity also covers security
of the data generated by the mutual interaction of these technologies.
1.4. Need of Cyber-Security
Cybercrime has emerged as one of the most disastrous acts of crime, having a global
impact. According to a Forbes report, the cybersecurity market is expected to rise from $75 billion
in 2015 to $170 billion by 2020. A survey conducted by Symantec concludes that the demand for
cybersecurity professionals, to safeguard our information systems, is expected to rise to 6
million (throughout the world) by 2019. According to NASSCOM, India alone needs 10 Lakh
cybersecurity professionals by 2025. The ever-increasing attacks on technology and the lack of
skilled resources make IT security one of the highest paying jobs in the world. Cybersecurity
professionals represent the topmost layer of the pyramid of IT professionals.
We need cybersecurity –
To protect our information systems from getting hacked
To protect our users from scams like phishing and social engineering
To prevent anyone’s finances from being stolen
To prevent our systems from malware attacks, that may disrupt the information stored on
a device or damage the device itself
TABLE 1.1
TOP 5 LARGEST DATA BREACHES TILL DATE
1. Yahoo
Reason: Hacking
Year: 2019
3. Facebook
Year: 2019
4. Marriott International
Year: 2018
Reason: Hacking
Year: 2016
Chapter – 2
2.1. Hacker
Eric Raymond defines hackers as ‘clever programmers’.
A Hacker is a person who finds and exploits the weakness in computer systems and/or
networks to gain access. Hackers are usually skilled computer programmers with knowledge of
computer security.
Hackers are classified according to the intent of their actions. The following list classifies
hackers according to their intent.
a) Ethical Hacker (White hat): A hacker who gains access to systems with a view to fixing
the identified weaknesses. They may also perform penetration testing and vulnerability
assessments.
b) Cracker (Black hat): A hacker who gains unauthorized access to computer systems for
personal gain. The intent is usually to steal corporate data, violate privacy rights, transfer
funds from bank accounts etc.
c) Grey hat: A hacker who is in between ethical and black hat hackers. He/she breaks into
computer systems without authority with a view to identify weaknesses and reveal them
to the system owner.
d) Script kiddies: A non-skilled person who gains access to computer systems using
ready-made tools.
e) Hacktivist: A hacker who uses hacking to send social, religious, political, etc.
messages. This is usually done by hijacking websites and leaving the message on the
hijacked website.
The phases involved in a successful and undetectable hacking process are as follows:
of Source, IP Address range, DNS Records, Network, etc. this phase includes the
following operations –
Internet searches
Social engineering
Dumpster diving
Domain name management
Non-intrusive network scanning
ii. Scanning – After gathering all the required information for the penetration process, the next
phase is the scanning phase, where the attacker begins scanning the perimeter and
network devices looking for open ports and possible vulnerabilities. Some types of scanning are
port scanning, network scanning, vulnerability scanning and OS scanning.
iii. Gaining Access – In this phase the attacker exploits the system. The usual goal is to
either extract information of value to the attacker or use the network as a launch site for
attacks against other targets. The vulnerabilities detected by footprinting and scanning are
now exploited to gain access.
iv. Maintaining Access – After the attacker has gained access to the system, the next step involves
maintaining the access long enough to accomplish the objective. Even though the
attacker has penetrated your security perimeter successfully, this phase can increase the
attacker’s exposure to detection. Access can be maintained in different ways,
but typically through the installation of hidden applications for repeated and
unfettered access based on backdoors, Trojan horses, rootkits etc.
v. Clearing Tracks – After the objective of the attacker is achieved successfully, the
attacker usually takes steps to hide all the intrusions and all the possible controls left
behind during all the phases. This usually starts with erasing the contaminated logins and
any possible error messages that may have been generated from the attack process. After
all the information of interest has been eradicated from the target, they will install several
back doors so that easy access can be obtained in the future.
Chapter 3
CYBER CRIMES
b. Harassment via E-mails - In this kind of cyber-attack, victims are harassed with letters
or with picture, audio or video-based attachments, sent via e-mails.
c. Defamation - The criminal act of defamation includes hacking of an individual's email or
other social media accounts to be used to send obscene content to their networks and
defame their credibility.
d. Hacking - Hacking involves complete invasion of an individual's computer system or
online accounts in a way to harm the individual.
e. Cyber bullying - It is defined as the harassment of people in a deliberate, repeated, and
hostile manner. A very common example of cyber bullying is dating abuse within
relationships; for instance, people leaking private pictures or videos to harass their partners.
f. Cracking - Using this form of cyber-attack, an individual's computer systems are hacked
with the intent to tamper with the stored confidential data (like bank account details or security
passwords).
g. Email Spoofing - This is one of the most common methods of cybercrime, wherein the
recipient sees a spoof of the source of a received message and not its actual origin.
h. SMS Spoofing - With this type of cyber-attack, the attacker sends a message via the
internet that is received by the target recipient on their mobile phones as an SMS.
i. Carding - An individual's finances are attacked using this form of cyber-attack. The
cyber criminals use fake ATM, debit or credit cards to withdraw money from the
victim's bank accounts.
c. Hacking Systems - Attacks pertaining to the destruction of information systems with the
intent to harm the credibility of a system (or individual) and not to specifically cause any
financial damage fall under this category of cyber-attack.
d. Cyber Trespass - It refers to an act of intentionally accessing, modifying, damaging or
deleting someone's computer system, network or data without necessary authorization
to do so.
a. Cyber Terrorism - Terror activities like: denial of service attacks, attack on sensitive
networks and damaging Critical Information Infrastructure (CII) that happen over the
internet fall under this category of cyber-attacks.
b. Cyber Warfare - The deliberate act of strategically targeting the information system of a
nation, to gather military based data (to be used against that particular nation to cause
disruption or during war), is termed Cyber Warfare.
c. Pirated Software - Piracy is a crucial problem for the protectors of information systems.
When used against the government, the intensity of this issue increases substantially.
There are a number of pirated software packages that have been created to damage and destroy
confidential government records.
Figure 3.1: Evolution of Cyber Crimes throughout the world
Chapter – 4
FOOTPRINTING
4.1. Footprinting
Footprinting, also known as reconnaissance, refers to a method used by hackers for gathering
information about various computer systems and networks. Information gathering is divided
into two parts:
1. Footprinting
2. Scanning
Footprinting is the first part of information gathering. It involves tabulating all useful
information about the target, which is available in the public domain. It is essentially a non-
intrusive, passive information gathering technique. For any target, be it an organization or an
individual, there is a lot of information available in public forums like LinkedIn, Facebook,
Twitter, even on their own website. Scanning is an intrusive information gathering technique,
used to actively gain information about the target. Depending upon the organization’s policies,
scanning may be legal or illegal.
The difference between footprinting and scanning is that footprinting uses tools and techniques to
gather information available in the public domain, while scanning uses tools and
techniques to gather information about the target that is not so public in nature, i.e. through the
web servers, confidential company details, etc.
1. System Hardening: For any IT infrastructure, system hardening refers to reducing the
number of potential vulnerability surfaces. It is one of the key tasks to be performed
while securing any IT element from intruders.
2. Target Profiling: Before launching the actual attack, building a profile of the target is
necessary which is only possible through footprinting. It includes publicly available
information like IP addresses used, vulnerable domains, etc. The profile then helps to
decide the possible attack vectors, which can be used to exploit the server, application or
the network.
3. Vulnerability Reporting: The list of potential targets and vulnerabilities is compiled and
verified. This report is then shared with the organization to make the infrastructure more
secure.
Footprinting techniques are multivariate in nature, akin to their targets. Some techniques are
specific to a target while others can be used against more than one target. Certain techniques
require the use of command line utilities while others use specific tools.
Search engines are online tools that crawl and index websites. These websites and
webpages are indexed according to their similarities and relation to specific topics. A typical
website is comprised of many pages and each of the pages is indexed by associating it with a
particular keyword.
Shodan is the search engine of hacked internet-based devices. It collects and catalogs
information of all the hacked devices on the internet. The range of exploited devices cataloged in
Shodan includes Websites, Servers, Webcams, IP Cams, SCADA systems, Refrigerators, Coffee
Machines, Washing Machines, Treadmills, Fitness Equipment and the entire range of
IoT-connected devices. It started as a pet project of John Matherly but soon became a
worldwide search engine of hacked devices.
WHOIS is a query and response based protocol specified in RFC 3912. It is used to
query the databases of all such registrars and return information related to the domain names,
IP addresses and organizational information of the website in a human-readable format.
Domain Name Service (DNS) is an application layer protocol primarily responsible for
converting domain names to corresponding IP Addresses. A DNS server stores the DNS
records for a domain; a DNS server responds with answers to queries against its database.
DNS Footprinting is a technique that allows you to gain information about the DNS servers,
the number of supported Resource Records and configuration for each record. After
collecting this information, an attacker uses social engineering techniques on the key users of
the network like the administrator or a privileged user.
Social media sites like Twitter and Facebook are searched to collect information like personal
details, user credentials, and other sensitive information using various social engineering
techniques. Some of the techniques include -
Chapter – 5
Network scanning is a collection of techniques used to map out the architecture of the
network. It helps an attacker to determine vulnerabilities, which can be used to launch a successful
attack on the target. The primary targets of scanning techniques are active systems, active ports,
running services, operating systems, vulnerability scanning and network architecture mapping.
Network scanning is an integral part of hacking, as it uncovers specific details about the
target. Scanning also helps in uncovering the nature and configuration of Firewalls and IDS/IPS of
the network or server. Scanning techniques are used to gain useful insights into these elements of
a network. Then the attacker can plan an effective attack strategy against the target.
Scanning techniques have the following objectives:
1. Scanning for live systems, IP addresses, and Ports: This helps in determining the
entry points into the network. One of the easiest ways to enter into a network is to send
spoofed packets on open ports of a system.
2. Scanning for Operating Systems and common services running on these ports: Exploits
can also be launched using vulnerabilities of the OS or the services running on these systems.
3. Scanning for Firewall, IDS, or IPS: Firewall and IDS/IPS are the first line of defense against
all intrusions into the network.
4. Scanning for Network Architecture: Network architecture is the overall layout of the
network. It details the positioning of network devices like Servers, routers, switches,
DNS servers, and hosts.
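From the defender's side, the first objective above (finding live systems and open ports) shows up as one source touching many distinct ports on a host, or one port on many hosts, in a short time. The following is an added example, not part of the original report, that flags both patterns in connection records; the record format, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed records 'timestamp src dst dst_port' (not real traffic)."""
    t0 = datetime(2019, 11, 2, 10, 0, 0)
    rows = []
    # One source probing 16 ports on a single host, one per second
    for i, port in enumerate(range(20, 36)):
        rows.append((t0 + timedelta(seconds=i), "192.0.2.10", "10.0.0.5", port))
    # One source probing port 445 on 8 different hosts
    for i in range(1, 9):
        rows.append((t0 + timedelta(seconds=2 * i), "198.51.100.7", f"10.0.0.{i}", 445))
    # Ordinary client: many connections, always the same host and port
    for i in range(30):
        rows.append((t0 + timedelta(seconds=i), "10.0.0.20", "10.0.0.5", 443))
    return [f"{ts.isoformat()} {src} {dst} {port}" for ts, src, dst, port in rows]


def detect_scans(lines, window=timedelta(seconds=60), max_ports=10, max_hosts=5):
    """Return a set of (source, kind) findings.

    kind is 'port-scan' when a source touches more than max_ports distinct
    ports on one host inside the window, and 'network-sweep' when it touches
    the same port on more than max_hosts distinct hosts inside the window.
    """
    by_src = defaultdict(list)
    for line in lines:
        ts, src, dst, port = line.split()
        by_src[src].append((datetime.fromisoformat(ts), dst, int(port)))

    findings = set()
    for src, events in by_src.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`
            while events[end][0] - events[start][0] > window:
                start += 1
            ports_on_host = defaultdict(set)
            hosts_on_port = defaultdict(set)
            for _, dst, port in events[start:end + 1]:
                ports_on_host[dst].add(port)
                hosts_on_port[port].add(dst)
            if any(len(p) > max_ports for p in ports_on_host.values()):
                findings.add((src, "port-scan"))
            if any(len(h) > max_hosts for h in hosts_on_port.values()):
                findings.add((src, "network-sweep"))
    return findings


if __name__ == "__main__":
    for src, kind in sorted(detect_scans(build_sample_log())):
        print(f"{src}: {kind}")
```

A scan spread out more slowly than the window stays under these thresholds, so the window and limits have to be tuned to the traffic of the network being monitored.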
This is the actual hacking phase in which the hacker gains access to the system. The hacker
will make use of all the information he collected in the pre-attacking phases. Usually the main
hindrance to gaining access to a system is the passwords. System hacking can be considered as
a series of steps. First, the hacker will try to get into the system. Once he gets into the system, the
next thing he wants is to increase his privileges so that he can have more control over the
system. As a normal user, the hacker may not be able to see the confidential details or to
upload or run the different hack tools for his own personal interest. Another way to crack into a
system is through attacks like the man-in-the-middle attack.
Password Cracking:
There are many methods for cracking the password and then getting into the system. The
simplest method is to guess the password. However, to make this work easier there
are many automated tools for password guessing, like Legion. Legion has an inbuilt
dictionary and works automatically; that is, the software itself generates the
passwords using the dictionary and checks the responses.
Techniques used in password cracking are:
Dictionary cracking
Brute force cracking
Hybrid cracking
Social engineering
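The first three techniques in this list translate directly into password-policy checks. The following is an added example, not part of the original report, that names the cheapest of those techniques able to recover a candidate password; the word list, the substitution table and the 60-bit threshold are illustrative assumptions.

```python
import math
import re
import string

# Constructed miniature word list (assumption); a real audit would load a
# large list of common and previously breached passwords.
COMMON_WORDS = {"password", "welcome", "admin", "jaipur", "qwerty", "letmein"}

# Character substitutions that hybrid guessing typically reverses
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def brute_force_bits(password):
    """Search space in bits for exhaustive guessing over the classes used."""
    pool = 0
    if any(c in string.ascii_lowercase for c in password):
        pool += 26
    if any(c in string.ascii_uppercase for c in password):
        pool += 26
    if any(c in string.digits for c in password):
        pool += 10
    if any(c not in string.ascii_letters + string.digits for c in password):
        pool += len(string.punctuation)  # 32 printable symbols
    return len(password) * math.log2(pool) if pool else 0.0


def weakest_attack(password, min_bits=60):
    """Name the cheapest technique that finds the password, or 'ok'."""
    lowered = password.lower()
    if lowered in COMMON_WORDS:
        return "dictionary"
    # Hybrid guessing: a dictionary word with digits or symbols around it,
    # with or without character substitutions.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    variants = {core, lowered.translate(LEET), core.translate(LEET)}
    if variants & COMMON_WORDS:
        return "hybrid"
    if brute_force_bits(password) < min_bits:
        return "brute-force"
    return "ok"


if __name__ == "__main__":
    for candidate in ["welcome", "Jaipur2019", "P@ssw0rd123", "xk7q",
                      "correct-horse-battery-staple"]:
        print(f"{candidate!r}: {weakest_attack(candidate)}")
```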
Privilege escalation:
Privilege escalation is the process of raising the privileges once the hacker gets into the
system. That is, the hacker may get in as an ordinary user and then try to increase his
privileges to those of an administrator, who can do many things. There are many types of tools
available for this. Some tools, like ‘getadmin’, attach the user to some kernel
routine so that the services run by the user look like a system routine rather than a user-initiated
program. The privilege escalation process usually uses the vulnerabilities present in the host
operating system or the software. There are many tools like hk.exe, Metasploit etc. One such
community of hackers is Metasploit.
Chapter – 6
Now the hacker is inside the system by some means, such as password guessing or exploiting
some of its vulnerabilities. This means that he is now in a position to upload some files and
download some of them. The next aim will be to make an easier path to get in when he comes
the next time. This is analogous to making a small hidden door in the building so that he can
directly enter the building through the door easily. In the network scenario the hacker will
do it by uploading some software like Trojan horses, sniffers, keystroke loggers etc.
The final step in the hacking is clearing the tracks and all the traces that might be
generated during the whole process. There is a saying that “everybody knows a good hacker but
nobody knows a great hacker”. This means that a good hacker can always clear tracks or any record
that may be present in the network to prove that he was there. Whenever a hacker downloads
some file or installs some software, its log will be stored in the server logs. So in order to erase those
the hacker uses many tools. One such tool is the Windows Resource Kit’s auditpol.exe. The intruder can
easily disable auditing with this command line tool. Another tool, which eliminates any physical
evidence, is the Evidence Eliminator. Sometimes, apart from the server logs, some other information
may be stored temporarily. The Evidence Eliminator deletes all such evidence.
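Disabling auditing and clearing logs leave traces of their own when events are forwarded off the host before they can be erased. The following is an added example, not part of the original report, that looks for those traces in an exported Windows Security log; the export format, account names and silence threshold are constructed assumptions, while the event IDs are the standard Windows ones.

```python
import ntpath
from datetime import datetime, timedelta

# Windows Security log event IDs relevant to the track-clearing step
PROCESS_CREATED = 4688       # "A new process has been created"
AUDIT_POLICY_CHANGED = 4719  # "System audit policy was changed"
AUDIT_LOG_CLEARED = 1102     # "The audit log was cleared"

# Constructed export from a central log collector (not from a real host):
# timestamp,event_id,account,detail
SAMPLE_EVENTS = """\
2019-11-02T09:58:10,4624,alice,logon
2019-11-02T10:01:42,4688,svc_web,C:\\Windows\\System32\\cmd.exe
2019-11-02T10:02:05,4688,svc_web,C:\\Windows\\System32\\auditpol.exe
2019-11-02T10:02:06,4719,svc_web,success auditing removed
2019-11-02T11:47:30,1102,svc_web,
2019-11-02T11:50:02,4624,alice,logon
"""


def find_tampering(export, max_silence=timedelta(minutes=30)):
    """Return [(timestamp, kind, account)] for signs of audit interference."""
    events = []
    for line in export.splitlines():
        if line.strip():
            ts, event_id, account, detail = line.split(",", 3)
            events.append((datetime.fromisoformat(ts), int(event_id), account, detail))
    events.sort(key=lambda e: e[0])

    findings = []
    previous = None
    for ts, event_id, account, detail in events:
        stamp = ts.isoformat()
        # A long quiet period on a normally busy log can mean auditing was off
        if previous is not None and ts - previous > max_silence:
            findings.append((stamp, "log-silence", "-"))
        if event_id == PROCESS_CREATED and \
                ntpath.basename(detail).lower() == "auditpol.exe":
            findings.append((stamp, "auditpol-run", account))
        elif event_id == AUDIT_POLICY_CHANGED:
            findings.append((stamp, "policy-changed", account))
        elif event_id == AUDIT_LOG_CLEARED:
            findings.append((stamp, "log-cleared", account))
        previous = ts
    return findings


if __name__ == "__main__":
    for stamp, kind, account in find_tampering(SAMPLE_EVENTS):
        print(stamp, kind, account)
```

The silence check is a heuristic: on a host that is legitimately idle it will fire without any tampering, so the threshold should reflect the normal event rate of the system.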
CONCLUSION
Ethical hacking nowadays is the backbone of network security. Each day its relevance is
increasing. The major pros of ethical hacking are given below:
Security. So they should make new software with as few vulnerabilities as possible. If
they are not aware of these then they will not be cautious enough in security matters.
o Keep ourselves updated about the software we are using from official and reliable sources.
o Educate the employees and the users against black hat hacking.
o Use every possible security measure like Honey pots, Intrusion Detection Systems,
o Always make our passwords strong by making them longer and harder to crack.