What is ethical hacking?
Ethical hacking, also known as penetration testing or pen testing, is legally breaking into computers and devices to test an organization’s defenses. It’s among the most exciting IT jobs any person can be involved in. You are literally getting paid to keep up with the latest technology and get to break into computers without the threat of being arrested.
Companies engage ethical hackers to identify vulnerabilities in their systems. From the penetration tester’s point of view, there is no downside: If you hack in past the current defenses, you’ve given the client a chance to close the hole before an attacker discovers it. If you don’t find anything, your client is even happier because they now get to declare their systems “secure enough that even paid hackers couldn’t break into it.” Win-win!
Hacking can be divided into categories based on what is being hacked:
Network hacking means gathering information about a network, using tools such as Telnet, nslookup, Ping and Tracert, with the intent to harm the network system and hamper its operations.
Website hacking means gaining unauthorized access to a web server or database and changing the information it holds.
Computer hacking means gaining unauthorized access to a computer and stealing information from it, such as the computer ID and password, by applying hacking methods.
Password hacking is the process of recovering secret passwords from data that has already been stored in the computer system.
Email hacking means gaining unauthorized access to an email account and using it without the owner’s permission.
Cyber security is the practice of defending computers, servers, mobile devices, electronic devices, networks and data from malicious attacks. Malicious attacks are carried out by unethical hackers. For effective cyber security, an organization needs to coordinate its efforts throughout its entire information system.
What do ethical hackers do?
It is essential for any professional pen tester to document the agreed-upon scope and goals. These are the kinds of questions regarding scope you need to ask:
- What computer assets are in scope for the test?
- Does it include all computers, just a certain application or service, certain OS platforms, or mobile devices and cloud services?
- Does the scope include just a certain type of computer asset, such as web servers, SQL servers, all computers at a host OS level, and are network devices included?
- Can the pen testing include automated vulnerability scanning?
- Is social engineering allowed, and if so, what methods?
- What dates will pen testing be allowed on?
- Are there any days or hours when penetration testing should not be tried (to avoid any unintentional outages or service interruptions)?
- Should testers try their best to avoid causing service interruptions, or is causing any sort of problem a real attacker could cause, including service interruptions, a crucial part of the test?
- Will the penetration testing be Blackbox (meaning the pen tester has little to no internal details of the involved systems or applications) or Whitebox (meaning they have internal knowledge of the attacked systems, possibly up to and including relevant source code)?
- Will computer security defenders be told about the pen test or will part of the test be to see if the defenders notice?
- Should the professional attackers (e.g., red team) try to break in without being detected by the defenders (e.g., blue team), or should they use normal methods that real intruders might use to see if it sets off existing detection and prevention defenses?
Ask these questions regarding the goals of the penetration test.
- Is it simply to show that you can break into a computer or device?
- Is denial-of-service considered an in-scope goal?
- Is accessing a particular computer or exfiltrating data part of the goal, or is simply gaining privileged access enough?
- What should be submitted as part of documentation upon the conclusion of the test? Should it include all failed and successful hacking methods, or just the most important hacks? How much detail is needed, every keystroke and mouse-click, or just summary descriptions? Do the hacks need to be captured on video or screenshots?
It’s important that the scope and goals be described in detail, and agreed upon, prior to any penetration testing attempts.
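Once the answers are agreed, they can be written down in a form that tooling can check before every action. The following is an added example, not part of the original article: the field names, the `violations` helper and the sample engagement (documentation-range addresses, made-up dates) are all assumptions.

```python
from dataclasses import dataclass
from datetime import date, datetime, time
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Scope:
    """Rules of engagement as agreed with the client (field names are hypothetical)."""
    networks: tuple        # in-scope CIDR ranges
    first_day: date        # first date testing is allowed
    last_day: date         # last date testing is allowed
    blackout: tuple        # (start, end) daily window in which no testing is done
    techniques: frozenset  # techniques the client has signed off on


def in_blackout(window, t):
    """True if time t falls in the daily window; handles windows that wrap midnight."""
    start, end = window
    if start <= end:
        return start <= t < end
    return t >= start or t < end


def violations(scope, target_ip, technique, when):
    """Return the reasons an action is out of scope; an empty list means allowed."""
    found = []
    addr = ip_address(target_ip)
    if not any(addr in ip_network(net) for net in scope.networks):
        found.append("target not in scope")
    if not scope.first_day <= when.date() <= scope.last_day:
        found.append("outside agreed dates")
    if in_blackout(scope.blackout, when.time()):
        found.append("inside blackout hours")
    if technique not in scope.techniques:
        found.append("technique not agreed")
    return found


# Constructed sample engagement: documentation-range addresses, made-up dates.
SCOPE = Scope(
    networks=("203.0.113.0/24", "198.51.100.16/28"),
    first_day=date(2024, 3, 4),
    last_day=date(2024, 3, 15),
    blackout=(time(8, 0), time(18, 0)),   # no testing during business hours
    techniques=frozenset({"vulnerability_scan", "exploitation"}),
)

if __name__ == "__main__":
    print(violations(SCOPE, "203.0.113.10", "exploitation", datetime(2024, 3, 5, 22, 0)))
    print(violations(SCOPE, "192.0.2.5", "denial_of_service", datetime(2024, 3, 5, 10, 0)))
```

An empty list means the action fits the agreed scope; anything else is a reason to stop and go back to the client.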
Discovery: Learn about your target
Every ethical hacker begins their asset hacking (excluding social engineering techniques for this discussion) by learning as much about the pen test targets as they can. They want to know IP addresses, OS platforms, applications, version numbers, patch levels, advertised network ports, users, and anything else that can lead to an exploit. It is a rarity that an ethical hacker won’t see an obvious potential vulnerability by spending just a few minutes looking at an asset. At the very least, even if they don’t see something obvious, they can use the information learned in discovery for continued analysis and attack tries.
Exploitation: Break into the target asset
This is what the ethical hacker is being paid for — the “break-in.” Using the information learned in the discovery phase, the pen tester needs to exploit a vulnerability to gain unauthorized access (or denial of service, if that is the goal). If the hacker can’t break in to a particular asset, then they must try other in-scope assets. Personally, if I’ve done a thorough discovery job, then I’ve always found an exploit. I don’t even know of a professional penetration tester who has not broken into an asset they were hired to break into, at least initially, before their delivered report allowed the defender to close all the found holes. I’m sure there are penetration testers who don’t always find exploits and accomplish their hacking goals, but if you do the discovery process thoroughly enough, the exploitation part isn’t as difficult as many people believe. Being a good penetration tester or hacker is less about being a genius and more about patience and thoroughness.
Depending on the vulnerability and exploit, the newly gained access may require “privilege escalation” to turn a normal user’s access into higher administrative access. This can require a second exploit to be used, but only if the initial exploit didn’t already give the attacker privileged access.
Depending on what is in scope, the vulnerability discovery can be automated using exploitation or vulnerability scanning software. The latter software type usually finds vulnerabilities, but does not exploit them to gain unauthorized access.
Next, the pen tester either performs the agreed-upon goal action if they are in their ultimate destination, or they use the currently exploited computer to gain access closer to their eventual destination. Pen testers and defenders call this “horizontal” or “vertical” movement, depending on whether the attacker moves within the same class of system or outward to non-related systems. Sometimes the ethical hacker must prove that the goal was attained (such as by revealing system secrets or confidential data); at other times, the mere documentation of how it could have been successfully accomplished is enough.
Document the pen-test effort
Lastly, the professional penetration tester must write up and present the agreed-upon report, including findings and conclusions.
ETHICAL HACKERS’ ACTIVITY
A) Remote Network
This test simulates the intruder launching an attack across the Internet. The primary defenses that must be defeated here are border firewalls, filtering routers, and Web servers.
B) Remote Dial-Up Network
This test simulates the intruder launching an attack against the client’s modem pools. The primary defenses that must be defeated here are user authentication schemes. These kinds of tests should be coordinated with the local telephone company.
C) Local Network
This test simulates an employee or other authorized person who has a legal connection to the organization’s network. The primary defenses that must be defeated here are intranet firewalls, internal Web servers, server security measures, and e-mail systems.
D) Stolen Laptop Computer
In this test, the laptop computer of a key employee, such as an upper-level manager or strategist, is taken by the client without warning and given to the ethical hackers. They examine the computer for passwords stored in dial-up software, corporate information assets, personnel information, and the like. Since many busy users will store their passwords on their machine, it is common for the ethical hackers to be able to use this laptop computer to dial into the corporate intranet with the owner’s full privileges.
E) Social Engineering
This test evaluates the target organization’s staff as to whether it would leak information to someone. A typical example of this would be an intruder calling the organization’s computer help line and asking for the external telephone numbers of the modem pool. Defending against this kind of attack is the hardest because people and personalities are involved.
F) Physical Entry
This test acts out a physical penetration of the organization’s building. Special arrangements must be made for this since security guards or police could become involved if the ethical hackers fail to avoid detection. Once inside the building, it is important that the tester not be detected. Such a document could be found by digging through trash cans before the ethical hack or by casually picking up a document from a trash can or desk once the tester is inside.
G) The Havij
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. Using this software, a user can fingerprint the back-end database, retrieve DBMS users and password hashes, dump tables and columns, fetch data from the database, run SQL statements, and even access the underlying file system and execute commands on the operating system.
What makes Havij different from similar tools is its injection methods. The success rate is more than 95% at injecting vulnerable targets using Havij. The user-friendly GUI (Graphical User Interface) of Havij and its automated settings and detections make it easy to use for everyone, even amateur users.
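What such a tool finds is a query built by string concatenation. The following added example (not from the original article or from Havij) puts that weak form beside the parameterized form and an allow-list for identifiers, using Python’s `sqlite3` with a constructed table; all function names and rows are assumptions.

```python
import sqlite3

ALLOWED_SORT_COLUMNS = {"name", "created"}  # identifiers cannot be bound as parameters


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, pw_hash TEXT, created TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "hash-a", "2024-01-02"), ("bob", "hash-b", "2024-01-01")],
    )
    return db


def find_user_concat(db, name):
    """Weak form: input becomes part of the SQL text, so it can change the query."""
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]


def find_user_bound(db, name):
    """Hardened form: input is bound as data and never parsed as SQL."""
    return [row[0] for row in db.execute("SELECT name FROM users WHERE name = ?", (name,))]


def list_users(db, sort_column):
    """ORDER BY takes an identifier, so validate it against an allow-list instead."""
    if sort_column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unsupported sort column: {sort_column!r}")
    return [row[0] for row in db.execute(f"SELECT name FROM users ORDER BY {sort_column}")]


if __name__ == "__main__":
    db = make_db()
    crafted = "nobody' OR '1'='1"          # constructed input of the kind scanners send
    print(find_user_concat(db, crafted))   # the WHERE clause no longer filters
    print(find_user_bound(db, crafted))    # treated as a literal name, no match
    print(list_users(db, "created"))
```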
H) The Hide IP
Just like my IP address, your IP address is unique and assigned to your computer by your ISP. Hackers may use your IP address to track you back to your computer. But if you can hide your IP address, your online security and privacy are greatly enhanced. Each time you connect to the Internet with Hotspot Shield, you get a new US IP address to mask your actual IP address and surf the Internet anonymously — completely protected from hackers and snoopers.
Hotspot Shield VPN essentially changes your IP address by replacing it with an IP address belonging to one of our servers. Thus, when you get a free US IP address, you can browse the Internet as a user from the United States or other countries of your choosing with our premium Elite service. Therefore, hackers are not able to locate you or your computer. Unlike your ISP, Hotspot Shield VPN does not track and does not record your web activities.
Hacking In Linux Operating Systems
The open-source movement has been a vital source of innovation affecting software development. However, open-source community practices have provoked a debate on software quality: namely, is open-source software quality better than that of its closed-source counterpart? Studies have attempted to correlate metrics with software performance or validate that metrics can predict software systems’ fault proneness.
While you can define closed-source software as a product created using traditional software development methods, the definition of open-source software is not always straightforward. This is because a software product can take at least three paths to become open source. For example, a collaborating open-source community developed the Linux kernel; an individual created PGP (Pretty Good Privacy); and the Mozilla browser was originally developed as proprietary software. One implication of this is that any conclusions about Linux might not hold true for all open-source products. But being an initiative taker, open-source communities make society Linux strong system software. A hacker always needs to figure out the vulnerabilities in the victim system.
Thank You For reading