2. OUTLINE
• Introduction
• History
• Famous Hackers
• Types of Hackers
• Black Hat Hackers
• Pre-Hacking stage
• Domains affected by Hacking
• Types of attacks
• Detection and counter measures
• SQL Injection
• Pros and cons
• Conclusion
• References
14-03-2013 2
3. Introduction
Hacking refers to an array of activities which
are done to intrude someone else‟s personal
information space so as to use it for
malicious, unwanted purposes.
Hacking is a term used for activities aimed at
exploiting security flaws to obtain critical
information for gaining access to secured
networks.
14-03-2013 3
4. History
1980s
- Cyberspace coined
-414 arrested
-Two hacker groups formed
-2600 published
1990s
-National Crackdown on hackers
-Kevin Mitnick arrested
14-03-2013 4
5. Cont.…
2001
– In one of the biggest denial-of-service
attack, hackers launched attacks against
eBay, Yahoo!, CNN.com., Amazon and
others.
2007
– Bank hit by “biggest ever” hack. Swedish
Bank, Nordea recorded nearly $1 Million has
been stolen in three months from 250
customer account.
14-03-2013 5
7. Types of hackers
White hat hacker(The term "white hat" in
Internet slang refers to an ethical computer
hacker, or a computer security expert.)
Black hat hacker(illegal or bad )
Grey hat hacker(A grey hat in the hacking
community refers to a skilled hacker whose
activities fall somewhere between white and
black hat hackers)
14-03-2013 7
8. Black Hat Hackers
A "black hat hacker” is a hacker who violates
computer security for little reason beyond
maliciousness or for personal gain.
Black hat hackers break into secure networks to
destroy data or make the network unusable for
those who are authorized to use the network.
14-03-2013 8
9. Pre-hacking stage
Part 1: Targeting
The hacker determines what network to break into
during this phase. The target may be of particular
interest to the hacker, either politically or
personally, or it may be picked at random.
Part 2: Research and Information Gathering
It is in this stage that the hacker will visit or contact
the target in some way in hopes of finding out vital
information that will help them to access the
system.
14-03-2013 9
10. Cont.…
Part 3: Finishing The Attack
This is the stage when the hacker will invade the
primary target that he/she was planning to attack
or steal from.
14-03-2013 10
11. Domains affected by hacking
Mobile hacking
Email hacking
Data stealing
Injecting virus and Trojans
Man -in-middle attacks
Internet applications
14-03-2013 11
12. TYPES OF ATTACKS
Denial of Services attacks
Threat from Sniffing and Key
Logging
Trojan Attacks
14-03-2013 12
13. Denial of Services (DOS)
Attacks
DOS Attacks are aimed at denying
valid, legitimate Internet and Network users
access to the services offered by the target
system.
In other words, a DOS attack is one in which
clogging up so much memory on the target
system that it cannot serve legitimate users.
14-03-2013 13
14. DOS Attacks: Ping of Death
Attack
The maximum packet size allowed to be
transmitted by TCPIP on a network is 65 536 bytes.
In the Ping of Death Attack, a packet having a size
greater than this maximum size allowed by
TCPIP, is sent to the target system.
As soon as the target system receives a packet
exceeding the allowable size, then it
crashes, reboots or hangs.
14-03-2013 14
15. sniffers and Key
loggers
Sniffers: capture all data packets being sent
across the network. Commonly Used for:
Traffic Monitoring
Network Trouble shooting
Gathering Information on Attacker.
For stealing company Secrets and
sensitive data.
Commonly Available Sniffers
• tcpdump
• DSniff
14-03-2013 15
16. Threats from key loggers
Key loggers: Records all keystrokes made on that
system and store them in a log file, which can later
automatically be emailed to the attacker.
Countermeasures
Periodic Detection practices should be made
mandatory.
A Typical Key Logger automatically loads itself
into the memory, each time the computer boots.
Thus, the start up script of the Key Logger
should be removed.
14-03-2013 16
17. Trojan Attacks
Trojans: act as a RAT or Remote Administration
Tool, which allow remote control and remote access to
the attacker.
Working:
1.The Server Part of the Trojan is installed on the
target system through trickery or disguise.
2.This server part listens on a predefined port for
connections.
3.The attacker connects to this Server Part using
the Client part of the Trojan on the predefined port
number.
4.Once this is done, the attacker has complete
control over the target system.
14-03-2013 17
18. Trojan Attacks : Detection and
counter measures
Detection & Countermeasures
Scan your own system regularly.
If you find a irregular port open, on which you
usually do not have a service running, then your
system might have a Trojan installed.
One can remove a Trojan using any normal
Anti-Virus Software
14-03-2013 18
19. SQL injection
SQL injection is a technique often used to attack
data driven applications.
This is done by including portions of SQL
statements in an entry field in an attempt to get
the website to pass a newly formed SQL
command to the database.
string literal escape characters embedded in SQL
statements like („ or * ) etc.
SQL injection is mostly known as an attack vector
for websites but can be used to attack any type of
SQL database.
14-03-2013 19
21. How SQL Injection is performed?
when user input is not filtered for escape
characters and is then passed into a SQL
statement.
The following line of code:
statement = "SELECT * FROM users WHERE
name = '" + userName + "';"
For example:
For example, setting the "userName" variable
as:
' or '1'='1
' or '1'='1' -- '
' or '1'='1' ({ '
' or '1'='1' /* '
14-03-2013 21
22. Cont.….
The above username „1=1‟ is always true and
can even delete the tables.
SELECT * FROM users WHERE name = ''OR
'1'='1';
Example:
Step 1: Figure out how the application handles bad
inputs
• Email address is taken for the SQL injection
hacker@programmerinterview.com'
• The extra quote is added to the above email
address.
14-03-2013 22
23. Cont.…
The SQL statement as follows:
SELECT data
FROM table
WHERE Email input =
hacker@programmerinterview.com”;
The query is injected as:
SELECT data
FROM table WHERE Email input = 'Y';
UPDATE table SET email =
'hacker@ymail.com' WHERE email =
'joe@ymail.com';
14-03-2013 23
24. Cont.…
The hacker enters into the database and
drops the tables .
Insertion of any other data in table can be
done.
14-03-2013 24
26. SQL Injection Prevention
Encrypt sensitive data.
Access the database using an
account with the least privileges
necessary.
Install the database using an
account with the least privileges
necessary.
Ensure that data is valid.
14-03-2013 26
27. Pros and cons
Pros
• Increases computer security –when a
hacker is hired he can be given a specific
job or way to hack into the system. This
can give company insight of possible back
doors or openings into the company‟s
security.
Cons
• The hacker can break into the system and
steal information.
• If the hacker is inexperience he can leave
harmful programs and delete the
information.
14-03-2013 27
28. Conclusion
Hacking may be defined as legal
or illegal, ethical or unethical but
useful for finding out possible back
doors or openings into the
computer security.
14-03-2013 28