Pro Hacking Information
Introduction
Thank you for taking the time to read my guide on ethical hacking with Kali Linux. Kali Linux is, without a doubt, the most powerful and most popular platform for penetration testing and other forms of ethical hacking, and it is the result of many years of continuous evolution and refinement.
It was never built to be just a collection of hacking tools, as some believe it to have been. Instead, it is one of the most flexible frameworks available for the security enthusiast, the professional penetration tester, and for the beginner in ethical hacking, like you. It is customizable and, yes, it does contain a great many useful tools, some of which we will be using throughout this book.
A Brief History of Ethical Hacking
We first heard the phrase “ethical hacking” back in 1995, when it was used by John Patrick, the Vice President of IBM, but the concept is much older than that. There are those who claim the vast majority of hackers aim to be ethical hackers but, right now, that doesn’t seem to be the case. With the news full of stories of major hacking scandals, it really isn’t any wonder that all hackers are tarred with the same brush of being nothing more than criminals. To gain a better understanding of the truth, we need to go back in time.
The Hacker’s Origins
When we talk about ethical hacking in terms of history, what we are really talking about is general hacking. It wasn’t always considered bad to be a hacker, and the modern context of the word actually came from MIT, the Massachusetts Institute of Technology.
During the 1960s, the term was commonly used by students of engineering to describe several methods of system optimization and machine optimization to make them more efficient. Hacking was nothing more than a kind of hobby, done by some incredibly bright people and the idea of an ethical hacker comes way before the idea of the criminal hacker.
Tiger Teams and Phreakers
It wasn’t until the 1970s that things began to get a bit darker. As computers grew in popularity, so did the number of people who understood computer programming and systems languages, and they were starting to see that there were potential benefits to testing systems to see what they could do.
It was about this time that we started to hear of ‘phreakers’, people who could manipulate the telecommunication systems, and who could truly understand the nature of the telephone networks. They would make use of devices that could mimic a dialing tone for the purpose of routing phone calls – this gave them the opportunity to make their own phone calls free of charge, particularly the long distance calls that were very expensive. It could be argued that phreakers were considered to be the first illegal hackers.
However, at the same time, companies and government departments were starting to see how beneficial it could be to have experts in place who could find weaknesses in their systems, thus stopping activities like phreaking from happening. These were called the “tiger teams” and the US government made good use of them for the purpose of shoring up their defense systems.
The Black Hat Hacker Rises Up
During the 1980s and the 1990s, we began to hear the term “hacker” used pretty much only with criminal activity. The personal computer was now a very popular tool, not just for individuals but for businesses too, and that meant there were large amounts of personal and sensitive data being stored within computer programs. The hackers could see the potential in stealing that data and using it for fraudulent behavior or selling it on to other unscrupulous persons.
We began to see a profile building up in the media, a negative profile of hacking where hackers were nothing more than criminals who were stealing data and blackmailing companies into parting with a lot of money, just by using skills they had learned. We call these black hat hackers, people who only want to use their skills for malicious activities. Black hats are the ones we hear about the most in the media and recent years have seen some very high-profile attacks on the biggest companies in the world, like Sony and Amazon.
The Modern Cybercriminal is More Sophisticated
Every day, an estimated 30,000+ websites are hacked into, which just shows you how widespread modern hacking is. Some of those hackers are very inexperienced, using tools that other hackers write and not having any real understanding of what they are doing, while others are incredibly sophisticated in their attacks, constantly looking for ways to get what they want.
We also tend to think of a hacker as someone who spends all day in a darkened room tapping away at their computer. That may be the case for some but there are other methods in use, from password cracking to social engineering, where a person is duped into passing on sensitive information or personal details.
The Regeneration of the Ethical Hacker
Over time, hackers have definitely become a lot smarter and they are far more persistent and that means businesses and government departments have had to build up their own defenses to try to stop them. This is the reason the ethical hacking concept is being used more and more to combat the problems these businesses face.
Ethical hacking is now one of the most common forms of hacking and you can become a certified ethical hacker, also known as a white hat hacker. White hats use exactly the same techniques as the black hats use but they do it to find the vulnerabilities in a system and then fix them or tell the company concerned so they can get them fixed.
Many of the best white hat hackers in the world started out as black hats. Take Kevin Poulsen, for example. He hacked into the telephone lines for a contest on a radio station, ultimately winning the top prize of a Porsche 944 S2. He went to prison for his crime but has now turned to white hat hacking and is, today, a respected journalist.
Ethical Hacking Techniques
To do their jobs properly, ethical hackers need to work under a high level of secrecy. This means they are usually directly employed by management, with other staff and IT security teams having no knowledge of their employment. This allows them to work much the same as black hat hackers do and they will use several different techniques to try to hack into a system. The first is penetration testing, followed by social engineering and password cracking. We’ll be going over a lot of these throughout this guide.
Black, White or Grey?
As you learned in the last chapter, we can’t tar all hackers with the same black hat brush. Hackers can be anyone, not just criminals, who use the knowledge they have of hardware and software to get through the security measures in place on a computer, network or device. In itself, hacking is not illegal unless the hacker is accessing a system without express permission from the owner and many businesses employ hackers to help them with their security.
Generally, we categorize hackers by the color of a metaphorical hat – white, grey or black – and the term actually dates back to the old Spaghetti Westerns – the good guys wore white hats while baddies wore the black. Let’s look at what each color stands for:
Black Hat
Black hat hackers, like all hackers, have vast amounts of knowledge about compromising computer systems and networks and getting past any security measures. The black hat is also the type of hacker that writes malware and viruses.
Their motivation is usually financial or personal gain, and they can range from a complete beginner who is just having a go at spreading a virus or malware about, to the professional hackers that can get in, steal data and get out again without being seen. Black hat hackers don’t just steal data though; they may also destroy or alter it to do something else.
White Hat
The white hat hacker has the same level of experience and knowledge but they opt to use theirs for good and not evil purposes. These are the ones we call the ethical hackers, and they are often employed or contracted by companies to look for vulnerabilities in their systems.
They use the exact same methods as a black hat hacker but, in their case, it is with the permission of the owner of that system. This is what makes it legal to do. They will carry out penetration testing, vulnerability assessments and test the security systems already in place. There are training courses and certifications that you can take to become a certified ethical hacker.
Grey Hat
Nothing in life is just black or white; there are always grey areas and the same goes for hackers. The grey hat hackers are a mixture of black and white hat hackers; they will look into a system without the owner’s permission, trying to find vulnerabilities, and they may then report those problems to the owner, often asking for a fee to fix them. If they get no response they may even take the step of posting what they found on the internet for everyone to see.
The grey hat hackers don’t really have malicious intentions; they just want to get paid for what they found. Most will not advertise any vulnerabilities they have found and they won’t exploit them for their own gain either. However, it is still thought to be an illegal form of hacking because they don’t have permission to access the system.
The word “hacker” still elicits negative thoughts in most people but it is very important to understand the difference between the types of hacker. If the white hat hackers weren’t there, finding the vulnerabilities and the threats, and fixing them, the black hats would be running riot. As it is, much as we hear a great deal about it, black hat hackers are in the minority.
Hacking Terms You Should Learn
You will come across a number of hacking terms on your journey and the following are the most important ones to learn. Later I will give you a full glossary of hacking terms:
● Phishing – Phishing is a way of hacking into online accounts, such as email and social media. A fake page is made that looks like the official login page, so when you open it, it looks just as the real one should. Check the URL to see – most genuine sites have SSL encryption and their addresses will start with HTTPS (not HTTP).
● Tabnapping – If you have multiple tabs open in your browser, it is possible for your account to be hacked. In an attack of this type, the victim clicks on a link from another website. For example, let’s assume I have sent you a link to Twitter via a message. You click on that link while you also have a few other tabs open in your browser, and the hacker replaces the Twitter page with a fake page. You would think your account has been logged out; you go and log back in and your account details are forwarded to the hacker.
● Desktop Phishing – This is a more advanced form of phishing, much the same as the first method but instead of the URL being replaced with a fake one, your computer will be affected. When you try to open a page from a link sent to you, a fake page opens but the URL remains the same as it should be, making it very difficult to detect just by looking. If you are using a proper browser, it should detect the phishing method and warn you though.
● Software Keylogger – This is a piece of software that will log every single keystroke on your keyboard and send it back to the hacker. They can determine what your online account details are and use them for their own purposes.
● Hardware Keylogger – This is a hardware device, which must be connected to the computer for the keystrokes to be logged. The most commonly used one is for credit card details.
● Brute Force Attack – Brute Force attacks are used for hacking passwords although it is a very time consuming method and tends to work better for those who use common passwords. The hacker has to guess at the password and just keep inputting their guesses.
● Wordlist Attack – Similar to the brute force, but the hacker must first generate a list of words and save them to the software used by the hack. Those words are then applied until the right combination is found.
● Encryption – This describes how data and passwords are stored, i.e. in encrypted format so they cannot be easily read by hackers.
● Ransomware – Ransomware is a code program used by hackers to encrypt an entire hard disk and then ransom it, i.e. ask you for money to release the data.
● IP Address – IP is a shortened version of Internet Protocol and an IP address is the address that relates to your device. It can be a private IP or a public one.
● VPN – A VPN or Virtual Private Network is a method by which we can hide our identity online and change the IP address our computer uses to access the internet.
● Web Server – A web server is basically a computer where website files are stored and retrieved when a website is accessed.
● DoS Attack – This means Denial of Service and this kind of attack is usually used to bring a website down and make it unavailable. It is done by flooding the website with fake traffic so that it goes well over the bandwidth limit and the server crashes. A firewall is the best form of defense against a DoS attack.
● DDoS Attack – This means a Distributed Denial of Service attack. With a DoS attack, there is a single device but with a DDoS attack, there are multiple fake devices. A firewall will work but it has to be a specific type of firewall such as Cloudflare CDN.
● SQL Injection – SQL injection attacks are used to inject queries into website databases, thus hacking the details and data stored on it.
● Social Engineering – This kind of attack is where a person is duped into providing their account details or other sensitive information.
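The URL check from the Phishing entry above, as an added example that is not part of the original guide. It goes beyond the HTTPS test in the text by also comparing the hostname with the sites the user expects to sign in to, because a fake login page can be served over HTTPS as well. The allowlist, the function name, the warning codes and the sample URLs are all constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed allowlist (assumption): hosts where the user really signs in.
EXPECTED_LOGIN_HOSTS = frozenset({"twitter.com", "mail.example.com"})


def check_login_url(url, expected_hosts=EXPECTED_LOGIN_HOSTS):
    """Return a sorted list of warning codes for a login URL ([] = no red flags)."""
    warnings = set()
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return ["unparseable-url"]

    # The check the glossary entry describes: the address should use HTTPS.
    if parts.scheme != "https":
        warnings.add("not-https")

    # "https://twitter.com@other-host/" shows a trusted name before the "@",
    # but the browser connects to the host after it.
    if parts.username is not None:
        warnings.add("userinfo-in-url")

    if not host:
        warnings.add("no-host")
        return sorted(warnings)

    # Genuine login pages are not normally reached by raw IP address.
    try:
        ipaddress.ip_address(host)
        warnings.add("ip-literal-host")
    except ValueError:
        pass

    # Internationalised names can imitate Latin letters with lookalike characters.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        warnings.add("idn-host")

    # HTTPS alone proves nothing about who runs the site: compare the host itself.
    if host not in expected_hosts:
        warnings.add("host-not-expected")
        for good in expected_hosts:
            # e.g. "twitter.com.account-verify.example" embeds the trusted name
            # but is registered under a different domain.
            if good in host and not host.endswith("." + good):
                warnings.add("expected-name-embedded")

    return sorted(warnings)


if __name__ == "__main__":
    # Constructed sample URLs; none refers to a real phishing page.
    samples = [
        "https://twitter.com/login",
        "http://twitter.com/login",
        "https://twitter.com.account-verify.example/login",
        "https://twitter.com@203.0.113.7/login",
        "https://xn--twtter-constructed.example/login",
    ]
    for sample in samples:
        print(sample, "->", check_login_url(sample) or "no red flags")
```

The third sample uses HTTPS and still fails the check, which is why the hostname comparison matters more than the scheme.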
1 Comments:
You have shared a lot of information in this article. I would like to express my gratitude to everyone who contributed to this useful article. Keep posting. We also provide service for Hire a verified hacker. For more info visit our website.