black hat hackers
DESCRIPTION
TRANSCRIPT
1
BLACK HAT HACKERS
Rajitha.B09131A1276Information Technology
14-03-2013
OUTLINE• Introduction• History• Famous Hackers• Types of Hackers• Black Hat Hackers• Pre-Hacking stage• Domains affected by Hacking• Types of attacks• Detection and counter measures• SQL Injection• Pros and cons• Conclusion• References
14-03-2013 2
3
Introduction
Hacking refers to an array of activities which are done to intrude someone else’s personal information space so as to use it for malicious, unwanted purposes.
Hacking is a term used for activities aimed at exploiting security flaws to obtain critical information for gaining access to secured networks.
14-03-2013
4
History
1980s- Cyberspace coined-414 arrested-Two hacker groups formed-2600 published
1990s-National Crackdown on hackers-Kevin Mitnick arrested
14-03-2013
5
Cont.…
2001– In one of the biggest denial-of-service
attack, hackers launched attacks against eBay, Yahoo!, CNN.com., Amazon and others.
2007– Bank hit by “biggest ever” hack.
Swedish Bank, Nordea recorded nearly $1 Million has been stolen in three months from 250 customer account.
14-03-2013
6
Famous Hackers
14-03-2013
7
Types of hackers
White hat hacker(The term "white hat" in Internet slang refers to an ethical computer hacker, or a computer security expert.)
Black hat hacker(illegal or bad ) Grey hat hacker(A grey hat in the hacking
community refers to a skilled hacker whose activities fall somewhere between white and black hat hackers)
14-03-2013
8
Black Hat Hackers A "black hat hacker” is a hacker who
violates computer security for little reason beyond maliciousness or for personal gain.
Black hat hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network.
14-03-2013
9
Pre-hacking stage
Part 1: TargetingThe hacker determines what network to break into during this phase. The target may be of particular interest to the hacker, either politically or personally, or it may be picked at random. Part 2: Research and Information GatheringIt is in this stage that the hacker will visit or contact the target in some way in hopes of finding out vital information that will help them to access the system.
14-03-2013
10
Cont.…
Part 3: Finishing The AttackThis is the stage when the hacker will invade the primary target that he/she was planning to attack or steal from.
14-03-2013
11
Domains affected by hacking
Mobile hacking Email hacking Data stealing Injecting virus and Trojans Man -in-middle attacks Internet applications
14-03-2013
12
TYPES OF ATTACKS
Denial of Services attacks Threat from Sniffing and Key
Logging Trojan Attacks
14-03-2013
13
Denial of Services (DOS) Attacks DOS Attacks are aimed at denying valid, legitimate Internet and Network users access to the services offered by the target system. In other words, a DOS attack is one in which clogging up so much memory on the target system that it cannot serve legitimate users.
14-03-2013
14
DOS Attacks: Ping of Death AttackThe maximum packet size allowed to be transmitted by TCP\IP on a network is 65 536 bytes.
In the Ping of Death Attack, a packet having a size greater than this maximum size allowed by TCP\IP, is sent to the target system.
As soon as the target system receives a packet exceeding the allowable size, then it crashes, reboots or hangs.
14-03-2013
15
Threats from sniffers and Key loggers
Sniffers: capture all data packets being sent across the network. Commonly Used for:
Traffic MonitoringNetwork Trouble shootingGathering Information on Attacker.For stealing company Secrets and sensitive data.
Commonly Available Sniffers• tcpdump • DSniff
14-03-2013
16
Threats from key loggers
Key loggers: Records all keystrokes made on that system and store them in a log file, which can later automatically be emailed to the attacker. Countermeasures
Periodic Detection practices should be made mandatory.A Typical Key Logger automatically loads itself into the memory, each time the computer boots. Thus, the start up script of the Key Logger should be removed.
14-03-2013
17
Trojan AttacksTrojans: act as a RAT or Remote Administration Tool, which allow remote control and remote access to the attacker.
Working: 1.The Server Part of the Trojan is installed on the target system through trickery or disguise. 2.This server part listens on a predefined port for connections.3.The attacker connects to this Server Part using the Client part of the Trojan on the predefined port number. 4.Once this is done, the attacker has complete control over the target system.
14-03-2013
18
Trojan Attacks : Detection and counter measuresDetection & Countermeasures
Scan your own system regularly.
If you find a irregular port open, on which you usually do not have a service running, then your system might have a Trojan installed.
One can remove a Trojan using any normal Anti-Virus Software
14-03-2013
19
SQL injection
SQL injection is a technique often used to attack data driven applications.
This is done by including portions of SQL statements in an entry field in an attempt to get the website to pass a newly formed SQL command to the database.
string literal escape characters embedded in SQL statements like (‘ or * ) etc.
SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
14-03-2013
20
Structure of SQL Injection
14-03-2013
21
How SQL Injection is performed?
when user input is not filtered for escape characters and is then passed into a SQL statement.
The following line of code: statement = "SELECT * FROM users WHERE name = '" + userName + "';"For example: For example, setting the "userName" variable as:' or '1'='1' or '1'='1' -- '' or '1'='1' ({ '' or '1'='1' /* '
14-03-2013
22
Cont.…. The above username ‘1=1’ is always true
and can even delete the tables.SELECT * FROM users WHERE name = ''OR '1'='1'; Example:Step 1: Figure out how the application handles bad inputs• Email address is taken for the SQL
injection [email protected]' • The extra quote is added to the above
email address.
14-03-2013
23
Cont.…
The SQL statement as follows: SELECT data FROM table WHERE Email input = [email protected]”; The query is injected as: SELECT data FROM table WHERE Email input = 'Y'; UPDATE table SET email = '[email protected]' WHERE email = '[email protected]';
14-03-2013
24
Cont.…
The hacker enters into the database and drops the tables .
Insertion of any other data in table can be done.
14-03-2013
25
SQL Injection
14-03-2013
26
SQL Injection Prevention
Encrypt sensitive data. Access the database using an
account with the least privileges necessary.
Install the database using an account with the least privileges necessary.
Ensure that data is valid.
14-03-2013
27
Pros and cons
Pros
• Increases computer security –when a hacker is hired he can be given a specific job or way to hack into the system. This can give company insight of possible back doors or openings into the company’s security.
Cons• The hacker can break into the system and
steal information.
• If the hacker is inexperience he can leave harmful programs and delete the information.
14-03-2013
28
Conclusion
Hacking may be defined as legal or illegal, ethical or unethical but useful for finding out possible back doors or openings into the computer security.
14-03-2013
29
Referenceshttp://www.blackhatlibrary.net/Main_Pagehttp://prezi.com/sxnobhzvsenq/hacking-and-cracking-pros-and-conshttp://www.cybercure.in/hacking/http://en.wikipedia.org/wiki/Hacker_(computer_security)http://en.wikipedia.org/wiki/The_Hacker_CrackdownCyber cure customized e-book
http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-hotchkies/bh-us-04-hotchkies.pdfhttp://crypto.stanford.edu/cs142/lectures/16-sql-inj.pdf
14-03-2013
30
Thank you
14-03-2013