Introduction To Ethical Hacking
What is hacking?
Hacking can be defined as gaining unauthorised access to a computer system by breaking its security and installing malicious software to steal sensitive information from the system or to destroy it.
How hacking can be performed
Hacking can be done in two ways: the first is social engineering and the second is software exploitation.
Social engineering is an art in which hackers exploit human psychology to collect a person's sensitive information for malicious purposes.
Vulnerabilities are the weaknesses in a computer system that a hacker can exploit to gain unauthorised access to a computer for malicious purposes.
Basic knowledge required to begin
Before we begin with ethical hacking we should get familiar with Linux, because most of the tools you will use in this course are made for Linux. Although a few tools support Windows too, we will stick with Linux.
Now here I am giving you one assignment: go ahead and install any hacking or normal Linux operating system such as Kali, Parrot, Debian or Ubuntu in a virtual machine, i.e. VirtualBox or VMware. For this process you can refer to the YouTube video.
Reference link https://youtu.be/V_Payl5FlgQ
Assuming that you have installed a Linux operating system in a virtual machine, we will move ahead. Now start your Linux OS. As you can see, a modern Linux operating system is similar to Windows, so go ahead and play with it. For your reference, I have created this video, please go through it.
Link 1
Link 2
Setup virtual lab
In this module we will be downloading and installing Metasploitable. Metasploitable is an intentionally vulnerable machine that is used to test our hacking skills; it runs several vulnerable services which can be exploited to gain access to the system.
Step 1:- Visit this site https://information.rapid7.com/download-metasploitable-2017.html
Step 2:- Fill in the form
Step 3:- Download and install it in VirtualBox
Step 4:- After running Metasploitable it will ask for a username and password; its username and password is msfadmin
Information gathering
Information gathering is a phase where hackers collect as much information as possible about the target. This phase is divided into two parts: passive information gathering and active information gathering.
In passive information gathering, hackers collect information about victims without direct interaction. Hackers use various publicly available resources and tools to collect information about the target that is openly available on the internet and social media platforms, in order to exploit victim machines.
In active information gathering, the hacker collects information about the victim with direct interaction. Here the hacker performs various tests against the victim to identify and take advantage of vulnerabilities for exploitation.
Passive information gathering
It is a technique in which we gather information about a person or company without directly approaching them, using various sources and tools such as the internet.
Passive Information gathering tools
Whois
BuiltWith
Netcraft
Wappalyzer (Chrome extension)
Hunter.io
Google Hacking
Recon-ng
Shodan
Maltego
Using Burpsuite
The Harvester
Social media
Whois
It is a website that is used to gather information about a target.
To use this tool you just need the website name.
For example: amazon.com
The information which we can find:
Domain name
IP address
Name of the registrant
Contact details of the registrant
Registration date
Name servers
Recent update
Expiry date
Tutorial
Visit https://www.whois.com/
Enter the domain name, i.e. talentskillacademy.in
Here you can see registered and non-registered domains we will register domain
Click on the Whois option
And you have complete information of domain w
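The fields listed above can also be read programmatically to audit what your own domain's record reveals. The following is an added example, not part of the original tutorial: it parses a constructed WHOIS-style text record for the reserved domain example.test and reports the exposed registrant fields and days until expiry. The "Key: value" layout and field names are an assumption modelled on common gTLD WHOIS output; real registries vary.

```python
from datetime import datetime, timezone

# Constructed sample record for a reserved example domain (not real registry data).
SAMPLE = """\
Domain Name: EXAMPLE.TEST
Registrar: Example Registrar, Inc.
Updated Date: 2023-05-01T10:00:00Z
Creation Date: 2015-03-10T08:30:00Z
Registry Expiry Date: 2025-03-10T08:30:00Z
Registrant Name: REDACTED FOR PRIVACY
Registrant Email: admin@example.test
Name Server: NS1.EXAMPLE.TEST
Name Server: NS2.EXAMPLE.TEST
>>> Last update of whois database: 2024-01-01T00:00:00Z <<<
"""

def parse_whois(text):
    """Collect 'Key: value' lines; repeated keys (e.g. Name Server) become lists."""
    record = {}
    for line in text.splitlines():
        if line.startswith((">>>", "%", "#")) or ":" not in line:
            continue  # skip footers, comments and free text
        key, value = (part.strip() for part in line.split(":", 1))
        if value:
            record.setdefault(key.lower(), []).append(value)
    return record

def exposure_report(record, now):
    """Summarise what the record reveals and how close the domain is to expiry."""
    expiry = datetime.strptime(record["registry expiry date"][0],
                               "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    exposed = [key for key, values in record.items()
               if key.startswith("registrant") and "REDACTED" not in values[0].upper()]
    return {
        "domain": record["domain name"][0],
        "name_servers": record["name server"],
        "days_to_expiry": (expiry - now).days,
        "exposed_registrant_fields": exposed,
    }

if __name__ == "__main__":
    print(exposure_report(parse_whois(SAMPLE), datetime.now(timezone.utc)))
```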
Wappalyzer (Chrome extension)
Wappalyzer is a Chrome extension used to find details like
Frameworks
Operating systems
Web frameworks
UI frameworks
Content Delivery Networks
Tutorial
Visit https://chrome.google.com/webstore/detail/wappalyzer/gppongmhjkpfnbhagpmjfkannfbllamg?hl=en
Click on add extension; it will take a minute depending on your internet speed
Visit any website you like, i.e. talentskillacademy.in
Click on the extension menu, which is located on the upper left side of the Chrome browser
And open the Wappalyzer extension
And now you can see all the technology used on the website
Hunter.io
Hunter.io is a website on which we can find information such as the common patterns of mail accounts used by a company.
Tutorial
Next, you know what you need to do
Netcraft
Using Netcraft we can get information about the technologies used by the target website. We get details like IP address, domain registrar, organisation name, site technologies, whether it was developed using WordPress or PHP, etc.
Social media
We also use social media to get information about a person, such as what their interests are, where they are working, etc.
TheHarvester
TheHarvester is a tool in Kali Linux used to find information available on search engines like Google. It also lets us specify how deep to go (for example 500 searches) and which platform to search on, and we can store the details in different formats.
Using burpsuite
Basics of networking
We will start our discussion with the internet. What is the internet?
The internet is a very big network that connects computers and other devices from all over the world. Using the internet, people communicate with each other and share their information.
Now that we know what the internet is, let's take a look at the network. A network can be defined as a group of computers and other devices which can share their information and are able to establish successful connections within the network. In the network, each device and computer is considered an individual node and has a unique IP address which helps to identify each device on the local network or on the internet.
An IP address is of two types, IPv4 and IPv6. An IPv4 address is a 32-bit address that is represented in decimal notation; each byte in IPv4 is separated by dots or periods, i.e. 192.168.43.161
An IPv6 address is a 128-bit address that contains alphanumerical characters represented in hexadecimal format, i.e. ABFE.12FC.2345.12BC.BCDA.FGBC.1246.BCFA
Here again, there are many things to discuss, but this much is sufficient to move ahead. I would like to encourage you to go ahead and study a little bit more about IP addresses and MAC addresses.
Active information gathering
TCP connection
TCP stands for Transmission Control Protocol. This protocol is used to establish a connection between two computer devices, and it is quite a popular way of communication which we use in day-to-day life. This protocol follows a three-way handshake, which means it ensures that our information is safely delivered to the server.
Let's understand how the three-way handshake works on the internet with a simple example. Assume that you open your browser and search for facebook.com. When you search for Facebook you may get many links in your browser, and when you click on any link your computer sends a request to the server which is hosting facebook.com. The request contains the SYN flag with a sequence number. When this request reaches the server, the server replies with the SYN flag and the ACK flag (note that the ACK contains the client sequence number + 1) together with its own sequence number. When the client device receives this from the server, it sends back the ACK flag (the sequence number of the server + 1) with its new sequence number, which is assigned for this communication. This is how TCP performs a three-way handshake.
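The exchange described above can be checked on the three segments themselves. The following is an added example, not part of the original course material: it packs minimal 20-byte TCP headers for SYN, SYN+ACK and ACK, parses them back, and verifies the "+ 1" acknowledgement rule, including 32-bit wrap-around. The port numbers and initial sequence numbers are constructed sample values.

```python
import struct

SYN, ACK = 0x02, 0x10          # TCP flag bits
MOD = 2 ** 32                  # sequence numbers are 32-bit and wrap around

def build_segment(src_port, dst_port, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (no options, checksum left at 0)."""
    offset_flags = (5 << 12) | flags            # data offset = 5 words
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       offset_flags, 65535, 0, 0)

def parse_segment(raw):
    """Unpack the header fields the handshake depends on."""
    sport, dport, seq, ack, off_flags, _win, _csum, _urg = struct.unpack(
        "!HHIIHHHH", raw[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": off_flags & 0x1FF}

def check_handshake(raw_syn, raw_synack, raw_ack):
    """Return a list of problems; an empty list means a valid handshake."""
    syn, synack, ack = map(parse_segment, (raw_syn, raw_synack, raw_ack))
    problems = []
    if syn["flags"] & (SYN | ACK) != SYN:
        problems.append("segment 1 is not a pure SYN")
    if synack["flags"] & (SYN | ACK) != (SYN | ACK):
        problems.append("segment 2 is not SYN+ACK")
    elif synack["ack"] != (syn["seq"] + 1) % MOD:
        problems.append("server did not acknowledge client seq + 1")
    if ack["flags"] & (SYN | ACK) != ACK:
        problems.append("segment 3 is not a pure ACK")
    else:
        if ack["ack"] != (synack["seq"] + 1) % MOD:
            problems.append("client did not acknowledge server seq + 1")
        if ack["seq"] != (syn["seq"] + 1) % MOD:
            problems.append("client seq did not advance by 1")
    return problems

# Constructed sample: client port 50000 talking to server port 443.
CLIENT_ISN, SERVER_ISN = 1000, 0xFFFFFFFF       # server ISN shows wrap-around
GOOD = [
    build_segment(50000, 443, CLIENT_ISN, 0, SYN),
    build_segment(443, 50000, SERVER_ISN, CLIENT_ISN + 1, SYN | ACK),
    build_segment(50000, 443, CLIENT_ISN + 1, 0, ACK),   # 0xFFFFFFFF + 1 wraps to 0
]
BAD = GOOD[:2] + [build_segment(50000, 443, CLIENT_ISN + 1, 12345, ACK)]

if __name__ == "__main__":
    print(check_handshake(*GOOD))
    print(check_handshake(*BAD))
```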
UDP connection
User Datagram Protocol is also known as UDP. Unlike TCP, UDP doesn't perform any kind of three-way handshake, so there is no assurance that data has successfully reached its destination. That is why it is also known as an unreliable and connectionless protocol.
This protocol is mainly used for real-time applications such as online video games, live conferences, etc. Here a UDP connection is used to avoid high latency.
Popular TCP/UDP ports
Port number    Name      Protocol
20/21          FTP       TCP
22             SSH       TCP
23             Telnet    TCP
25             SMTP      TCP
53             DNS       TCP/UDP
67             DHCP      UDP
69             TFTP      UDP
80             HTTP      TCP
123            NTP       TCP
443            HTTPS     TCP