Parameters Hackers Crackers

Hackers are good people who hack Crackers are people who hack a system by breaking
devices and systems with good intentions. into it and violating it with some bad intentions. They

Definition They might hack a system for a may hack a system remotely for stealing the contained data
specified purpose or for obtaining more or for harming it permanently.
knowledge out of it.

They have advanced knowledge of These people may be skilled. But most of the time, they

Skills and
programming languages and computer don’t even need extensive skills. Some crackers only

Knowledge OS. Hackers are very skilled and intelligent have a knowledge of a few illegal tricks that help them
people. in stealing data.

Hackers work with specific organizations Crackers harm an organization. These are the people
Role in an
to help them in protecting their from whom hackers defend sensitive data and protect the
Organization
information and important data. organizations as a whole.

These are ethical types of professionals. These are illegal and unethical types of people who
Ethics
only focus on benefiting themselves with their hacking.
 Hacking
Cracking Phreakers are people who specialize in attacks on
Cracker Tools the telephone system.
Phreaking
Phreaking attack on Communication system
War dialler

War dialing is a technique to automatically scan a list of telephone numbers, usually dialing every

number in a local area code to search for modems, computers, bulletin board systems and fax

machines
 Cracker Tools

Working of Password Cracking apps

These applications make use of different
methods for recovering passwords. Common
techniques used include Dictionary Attack,
Brute Force Attack, Rainbow Table Attack,
Cryptanalysis, and simply guessing the
password
 Categories of Vulnerabilities : Hackers Search for

Categories of Vulnerabilities that

Hackers typically search for :
Inadequate Border Protection
Remote Access Servers with
weak Access Controls
Application Servers with well
known exploits
Misconfigured systems and
systems with default
configurations.
 Categories of Cyber Crimes
Cyber Crimes are categories based on :
 Target of the Crime
 Crimes Targeted at Individuals
 Crimes Targeted at Property
 Crimes Targeted at Organizations
 Occurrence of Crime as single event or as a series of events.
 Single Event of Cyber Crime
 Series of Events
 Attack Planning by Criminals
Cyber Criminals use methods and Tools to identify the Vulnerabilities in the Target.
They Plan the attack in two ways :
 Active Attack
 Usually used to alter the System and its resources.
 Affects the availability, integrity and authenticity of the data.
 Passive Attack
 Usually used to gain information about the Target.
 Breach of confidentiality.
Phases involved in planning of Cyber Crimes :

 Reconnaissance (Information Gathering ) which is treated as a passive Attack

 Scanning and Scrutinizing gathered information for validity and identifying the existing vulnerabilities.

 Launching an Attack (Gaining and maintaining the system Access)

 Reconnaissance
Reconnaissance is a type of computer attack in which an intruder engages with the targeted system to gather
information about vulnerabilities.

Attacker tries to gather information in two phases

Passive Attack phase
 Usually used to gain information about the Target.
 Breach of confidentiality.

Active Attack phase

 Usually used to alter the System and its resources.
 Affects the availability, integrity and authenticity of the data.
 Reconnaissance : Passive Attacks
 Passive Attack phase is usually used to gain information about the Target without the knowledge of user which
leads to breach of confidentiality.
 Ex : Watching a building to know activities of its occupants
Searching Google for knowing more details about the target.
 Reconnaissance : Active Attacks
 Active reconnaissance is a type of computer attack in which an intruder engages with the targeted system to
gather information about vulnerabilities.
 This type of recon requires that attacker interact with the target.
 This recon is faster and more accurate, however it also makes much more noise.
 This type of reconnaissance provides the attacker about the confirmation about the securoty measures in place at
the target.
 Since the attacker have to interact with the target to gain information, there’s an increased chance that the recon
will get caught by a firewall or one of the network security devices. (Intrusion Detection Systems, network
firewalls, etc.)
 Ex : This may be through automated scanning or manual testing using various tools like ping, traceroute, netcat
etc.
Reconnaissance : Ports
Reconnaissance : Ports
 Reconnaissance : Active Attacks Tools
Active recon activity can be performed by using three major types of tools:
 Port Scanning Tools: Identify open ports
 Web Service Review Tools: Identify web-based vulnerabilities
 Network Vulnerability Scanning Tools: Identify infrastructure-related security issues
Network Vulnerability Scanning
Port Scanning Tools Web Service Review Tools
Tools
NMap Nikto OpenVAS
udp-proto-scanner Netsparker Nessus
Masscan SQLMap Nexpose
Burpsuite Qualys
HCL AppScan Amass
wpscan
Eyewitness
WebInspect
ZAP
 Scanning and Scrutinizing Gathered Information
 Scanning is a key step to examine intelligently while gathering information about the target.
 Objectives of Scanning
 Port Scanning : Identify Open / Close Ports
 Network Scanning : Understand IP Address and related information about the Networked Systems.
 Vulnerability Scanning : Understand existing Weaknesses in the system.

 Scrutinizing phase is also referred as “Enumeration” phase.

 Objectives of Scrutinizing is to identify :
 Valid User accounts / groups
 Network and / or shared Resources.
 Operating System and applications that can be run ion the OS.
 Attack ( Gaining and Maintaining System Access)
 After Scanning and Scrutinizing, attack is launched through following steps :
 Crack the Password
 Exploit the Privileges.
 Execute Malicious commands / Applications
 Hide the files
 Cover the tracks – Delete the call logs, so that the trails of illicit activities are eliminated.
 Social Engineering
 Social engineering is the “technique to influence” and “persuasion to deceive” people to obtain the information or perform
some action.
 Social engineers exploit the natural tendency of a person to trust social engineers’ word, rather than exploiting computer
security holes.
 It is generally agreed that people are the weak link in security and this principle makes social engineering possible.
 A social engineer usually uses telecommunication (i.e., telephone and/or cell phone) or Internet to get them to do
something that is against the security practices and/or policies of the organization.
 Social engineering involves gaining sensitive information or unauthorized access privileges by building inappropriate trust
relationships with insiders.
 It is an art of exploiting the trust of people, which is not doubted while speaking in a normal manner.
 The goal of a social engineer is to fool someone into providing valuable information or access to that information.
 Social engineer studies the human behavior so that people will help because of the desire to be helpful, the attitude to trust
people, and the fear of getting into trouble.
 The sign of truly successful social engineers is that they receive information without any suspicion.
 Classification of Social Engineering
Human Based Computer Based
Impersonating an Employee
or Valid User Fake Emails

Posing as an important User

Using a Third Person Email Attachments

Calling Technical Support

Shoulder Surfing
Pop Up Windows

Dumpster Diving