• An Ethical Hacker Answers the Following Questions:
• What kind of vulnerabilities does an attacker see?
• What information or system would a hacker most want access to?
• What can an attacker do with the information?
• How many people notice the attempted hack?
• What is the best way to fix the vulnerability?
Ethical hackers learn and perform hacking in a professional manner, based on the
direction of the client, and later present a maturity scorecard highlighting the
client's overall risk and vulnerabilities, with suggestions for improvement.
Terminologies
• Zero-Day Attack:
• In a zero-day attack, the attacker exploits vulnerabilities in a computer application before the software developer can
release a patch for them. In common usage, an exploit is called a zero-day exploit when it is used to attack a
vulnerability that has been identified but not yet patched, also called a zero-day vulnerability.
• Daisy Chaining:
• Daisy chaining involves gaining access to one network and/or computer and then using the same information to gain
access to multiple networks and computers that contain desirable information.
• Doxing:
• Doxing is the publication of personally identifiable information about an individual or organization. It refers to
gathering and publishing personally identifiable information such as an individual’s name and email address, or other
sensitive information pertaining to an entire organization. People with malicious intent collect this information from
publicly accessible channels such as databases, social media and the Internet.
• Bot:
• A “bot” (a contraction of “robot”) is a software application or program that can be controlled remotely to execute or
automate predefined tasks. Hackers use bots as agents that carry out malicious activity over the Internet. Attackers
use infected machines to launch distributed denial-of-service (DDoS) attacks, key logging, spying, etc.
• Warfare:
Deep Web and Dark Web
• These bonus terms may not refer to a type of cyberattack, but they are relevant.
• The deep web refers to the part of the internet not indexed by Google.
Cybercriminals may reside there but so might legitimate – and legal – groups
like a chess club that simply does not want to appear on Google.
• The dark web is a smaller part of the deep web. To access it, you need a special
browser called Tor. Here, cybercriminals certainly reside.
• Stolen data and credentials pass through the dark web, like those stolen if you
get hacked. This is why many businesses today turn to dark web monitoring
through managed security services. It provides an added layer of cybersecurity
for increased awareness and protection for your business.
• This article explains the 5 steps of hacking, taking the example of a hacker trying to
hack a company’s server and gain access to all the data.
• Ethical hacking is the process of making legal and authorized attempts to discover and successfully exploit a
computer system in order to make that system more secure. This process includes probing for vulnerabilities and
providing proof of concept (POC) attacks to demonstrate that the vulnerabilities are actually present in the
system.
• 1. Reconnaissance: This is the first phase, where the hacker tries to collect information about the target. It may
include identifying the target and finding out the target’s IP address range, network, DNS records, etc. Let’s assume
that an attacker is about to hack a website’s contacts.
He may do so by using a search engine like Maltego, by researching the target, say a website (checking links, jobs, job
titles, email, news, etc.), or by using a tool like HTTrack to download the entire website for later enumeration. From
this, the hacker is able to determine the following: staff names, positions, and email addresses.
• 2. Scanning: This phase includes the use of tools like dialers, port scanners, network mappers, sweepers, and
vulnerability scanners to scan data. Hackers are now seeking any information that can help them perpetrate
attacks, such as computer names, IP addresses, and user accounts. Now that the hacker has some basic information,
the hacker moves to the next phase and begins to test the network for other avenues of attack. The hacker
decides to use a couple of methods to help map the network (e.g. Kali Linux, Maltego, and finding an email address to
contact in order to see what email server is being used). The hacker looks for an automated email if possible or, based
on the information gathered, may decide to email HR with an inquiry about a job posting.
• 3. Gaining Access: In this phase, the hacker designs the blueprint of the network of the target with the help of data collected
during Phase 1 and Phase 2. The hacker has finished enumerating and scanning the network and now decides that they have
some options to gain access to the network.
For example, say the hacker chooses a phishing attack. The hacker decides to play it safe and use a simple phishing attack to
gain access. The hacker decides to infiltrate the IT department. They see that there have been some recent hires, who are
likely not up to speed on the procedures yet. A phishing email will be sent out to the techs, using a program to send it from
the CTO’s actual email address. The email contains a phishing website that will collect their logins and passwords. Using any
number of options (phone app, website email spoofing, Zmail, etc.) the hacker sends an email asking the users to log in to a
new Google portal with their credentials. They already have the Social Engineering Toolkit running and have sent an email with
the server address to the users, masking it with a bitly or tinyurl.
• 4. Maintaining Access: Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Once
the hacker owns the system, they can use it as a base to launch additional attacks.
In this case, the owned system is sometimes referred to as a zombie system. Now that the hacker has multiple e-mail accounts,
the hacker begins to test the accounts on the domain. From this point, the hacker creates a new administrator account for
themselves based on the naming structure and tries to blend in. As a precaution, the hacker begins to look for and identify
accounts that have not been used for a long time. The hacker assumes that these accounts are likely either forgotten or not
used so they change the password and elevate privileges to an administrator as a secondary account in order to maintain access
to the network. The hacker may also send out emails to other users with an exploited file such as a PDF with a reverse shell in
order to extend their possible access. No overt exploitation or attacks will occur at this time. If there is no evidence of
detection, a waiting game is played letting the victim think that nothing was disturbed. With access to an IT account, the hacker
begins to make copies of all emails, appointments, contacts, instant messages and files to be sorted through and used later.
• 5. Clearing Tracks (so no one can reach them): Prior to the attack, the attacker would change their MAC address and run the
attacking machine through at least one VPN to help cover their identity. They will not deliver a direct attack or any scanning
technique that would be deemed “noisy”.
Once access is gained and privileges have been escalated, the hacker seeks to cover their tracks. This includes clearing out Sent
emails, clearing server logs, temp files, etc. The hacker will also look for indications of the email provider alerting the user or
possible unauthorized logins under their account.
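A defender's view of phases 4 and 5, as an added example that is not part of the original material: a small Python correlation over account audit events that flags a long-unused account whose password is changed and which is then made an administrator, a newly created account promoted to administrator, and cleared logs. The event schema, the sample events, and the 90-day and 24-hour thresholds are constructed assumptions.

```python
from datetime import datetime, timedelta

DORMANT_AFTER = timedelta(days=90)  # assumed: no login for 90 days = dormant
WINDOW = timedelta(hours=24)        # assumed: max gap between the two steps

# Constructed sample audit events: (time, action, account, actor).
EVENTS = [
    ("2024-01-10T09:00", "login", "jsmith", "jsmith"),
    ("2024-05-02T08:15", "login", "newtech1", "newtech1"),
    ("2024-05-02T23:40", "password_change", "jsmith", "newtech1"),
    ("2024-05-02T23:55", "add_to_admins", "jsmith", "newtech1"),
    ("2024-05-03T00:10", "account_created", "svc-backup2", "newtech1"),
    ("2024-05-03T00:12", "add_to_admins", "svc-backup2", "newtech1"),
    ("2024-05-03T01:30", "log_cleared", "mailserver", "jsmith"),
    ("2024-05-03T09:00", "password_change", "newtech1", "newtech1"),
]

def find_persistence(events):
    """Return (rule, account, time) alerts for the patterns described above."""
    last_login, pw_reset, created, alerts = {}, {}, {}, []
    for ts, action, account, actor in sorted(events):  # ISO times sort as text
        t = datetime.fromisoformat(ts)
        if action == "login":
            last_login[account] = t
        elif action == "password_change":
            seen = last_login.get(account)
            # Remember only resets of accounts idle past the dormancy threshold
            # (an account with no recorded login is treated as dormant).
            if seen is None or t - seen > DORMANT_AFTER:
                pw_reset[account] = t
        elif action == "account_created":
            created[account] = t
        elif action == "add_to_admins":
            if account in pw_reset and t - pw_reset[account] <= WINDOW:
                alerts.append(("dormant_account_elevated", account, ts))
            if account in created and t - created[account] <= WINDOW:
                alerts.append(("new_account_made_admin", account, ts))
        elif action == "log_cleared":
            # Log clearing is rare enough to alert on by itself; report who did it.
            alerts.append(("log_cleared", actor, ts))
    return alerts

if __name__ == "__main__":
    for alert in find_persistence(EVENTS):
        print(alert)
```

The routine password change by the active account `newtech1` raises nothing, because each rule fires only when the reset or creation is followed by an administrator grant within the window.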
• Vulnerability Research
• Vulnerability research is an analysis of the integrity of information systems and
equipment to discover unexpected behaviors that may exist in equipment or
services. For example, a system with an unauthorized-access vulnerability can be
entered without an account or password. This type of vulnerability can let hackers
access the administrator interface.
• Usually, vulnerability researchers will conduct black-box testing or white-box
testing, combined with dynamic and static analysis techniques to reveal
potential vulnerabilities. Finally, a vulnerability research report will be written to
detail the complete research process and provide vulnerability exploit methods
and repair suggestions.
• Things that a hacker can do to me
While your computer is connected to the Internet, the malware a hacker has installed on your PC
quietly transmits your personal and financial information without your knowledge or consent. Or, a
computer predator may pounce on the private information you unwittingly revealed. In either case,
they will be able to:
• Hijack your usernames and passwords
• Steal your money and open credit card and bank accounts in your name
• Ruin your credit
• Request new account Personal Identification Numbers (PINs) or additional credit cards
• Make purchases
• Add themselves or an alias that they control as an authorized user so it’s easier to use your credit
• Obtain cash advances
• Use and abuse your Social Security number
• Sell your information to other parties who will use it for illicit or illegal purposes
• Predators who stalk people while online can pose a serious physical threat. Using extreme caution
when agreeing to meet an online “friend” or acquaintance in person is always the best way to keep
safe.
• Negative effects of hacking:
• Reduced Privacy
• When hackers gain access to your computer, they can see everything. Since a great part of the personal, professional and
financial aspects of our lives has moved online, we risk losing considerably more than money or data. On the Internet,
privacy is limited, for the most part by choice. A hacker with access to your email, social networking accounts and
personal photographs can rapidly destroy that privacy.
• Financial Losses
• Every year, reports from hacked organizations reveal staggering financial losses as a result. In 2011, Sony lost
$170 million because of a hack of their PlayStation system. Also in 2011, Citigroup lost $2.7 million, and AT&T
lost $2 million due to hacking. The cost of fixing the gaps in security, reimbursing customer losses, handling
lawsuits and weathering shutdowns of their systems added to those huge numbers. For an individual who loses
credit card data to hackers, however, the cost of repairing the damage and finding the guilty party can be more significant.
• Damaged Reputation
• Organizations that get hacked have a bigger problem than merely paying for the initial damage costs and
lawsuits. Reputation damage can wreck an organization’s fortunes. If a bank has been compromised multiple
times, customers are less inclined to give it their data. The same goes for retailers who lose data due to
hacking. These organizations lose business over time because of damaged or diminished
reputations. People whose identities have been stolen through hacking have a comparable reputation problem with regard to
their credit ratings.
• Loss of Information
• Hacking regularly results in lost information because of files being deleted or changed. Customer data and order data
can be stolen and deleted, or a leak of top-secret information could cause real-world security problems.
Servers at NASA, Interpol, the Pentagon and the FBI have all been compromised at various points in the previous ten
years. Sometimes, these hackers even post data from these government organizations on the web, which could in principle
• The Legal Aspects Of Ethical Hacking
• Cybercrime has now become a global danger, threatening the entire world with data breaches,
online frauds, and other security issues. Hundreds of new laws have been enacted to protect
netizens' rights and transactions in the virtual realm. Ethical hackers must keep these laws in mind
in order to penetrate a system or network with good intentions.
• To protect data, India accepted the United Nations Commission on International Trade Law's model
law on electronic commerce, and the Information Technology Act of 2000 went into effect.
• According to Section 43 of the Act, any person who modifies, damages, disrupts, downloads, copies,
or extracts any data or information from a computer or computer network without the permission
of the owner or any other person in charge may be penalized for damages.
• Section 43-A of the Act specifies that anyone who fails to secure data is liable for compensation;
therefore, if an ethical hacker is a corporation and fails to protect the data it is in charge of, it will
be held guilty and will be liable for compensation under Section 43-A of the IT Act.
• Section 66 of the IT Act deals with computer-related offenses and states that anyone who damages,
copies, extracts, or performs any other action without the owner's authorization will be sentenced
to three years in prison.
• The Indian IT legislation punishes a hacker who does not have proper authorization to get access to
a computer, but it does not protect them unless they work for the government under section 84.
Also, they must be taken seriously because their presence is critical in protecting computer
networks from cyber terrorism and cyber attacks, thus making ethical hacking legal.