1. HACKING
An introduction
by Jayaseelan Vejayon

2. So…what is hacking?
• Hacking is the practice of modifying the features of a
system, in order to accomplish a goal outside of the
creator's original purpose.
(http://whatishacking.org/)
• Computer hacking
– is the practice of modifying computer hardware and
software to accomplish a goal outside of the creator’s
original purpose.
– is most common among teenagers and young adults
(http://www.wisegeek.org/what-is-computer-hacking.htm)

3. Why hack?
• Profit
– Information can be sold
– Information can be used to steal
• Protest
– Eg. Hactivism: a hacktivist is someone whom utilizes
technology to announce a social, ideological, religious, or
political message
• Challenge
– Fun, problem-solving skill, the thrill of power

4. Why hack? Some examples…
• Hackers want to
– use the victim’s computer to store illicit materials
i.e pirated software, pornography, etc.
– steal the victim’s personal information in order to
access accounts or the accounts of the website
visitors. The data can be used to gain access to
important databases; billing, merchant accounts,
etc.

5. Why hack? Some examples…
• Hackers want to
– set-up fake ecommerce sites to access credit card
details; gain entry to servers that contain credit
card details and other forms of credit card fraud
– spy on friends, family, co-workers for personal
reasons
– revenge
(http://www.website-guardian.com/why-do-hackers-hack-websites-va-5.html)

6. Effects of hacking
• Damage to information
• Theft of information
– Credit card details, social security numbers, identity fraud,
email addresses
• Compromise/damage of systems
• Use of victim machines as “zombies”
Hacking attacks cost large businesses an average of about
$2.2 million per year (Symantec 2010 State of Enterprise Security
Study)

7. Effects of hacking
• Businesses may suffer from damaged reputations
and lawsuits
• Business secrets could be stolen and sold to
competitors
• Computing system/infrastructure could suffer from
performance degrading as the resources used for
malicious activities
In an education institution, hacking can cause damage to the institution’s
credibility/reputation ie. If examination system is compromised and
sensitive data tampered

8. A hacker…
Can fall into one of these types:
• Black hats
 Individuals with good computing knowledge, abilities and
expertise but with the intentions and conducts to cause
damage on the systems they attack
 Also known as crackers
• White hats
 Individuals with good hacking skills
 They perform defensive activities against hacking
 Also known as security analysts

9. A hacker…
• Gray hats
 Individuals that perform both offensive and defensive
hacking activities
• Suicide hackers
 Individuals whom want to fail a computing system for a
personal ‘reason’ or ‘cause’
 Not worried about the serious consequences that they may
have to face as a result of their damaging activities i.e being
jailed for many years

10. Types of attacks …
• DoS/DDoS Attacks
• Password Guessing Attacks
• Man-in-the-Middle Attacks
• Identity Spoofing
• Interception
• Eavesdropping
• Backdoor Attacks
… and many more!

11. How to hack?…
Many of the hacking tools
and guides are available on
the Internet
 BackTrack is a Linux distro
with many tools; Metasploit,
Aircrack-ng, Nmap,
Ophcrack, Wireshark, Hydra
and many many more!
 The real reasons for
BackTrack development are
for digital forensics and
penetration testing

12. How to hack?…some examples
System Hacking; Keyloggers, password
cracking
Trojans
Viruses
Sniffers
Social Engineering
Denial of Service
SQL Injection

13. How to hack?…some examples
Password cracking - dictionary attacks, brute
forcing attacks, hybrid attacks, syllable
attacks and rule-based attacks
Other types of password cracking attacks –
shoulder surfing, social engineering,
dumpster diving, wire sniffing, Man-in-the-
Middle, password guessing, keylogger

14. Passwords…
Enforce complexity so that passwords
are difficult to break; use combination
of letters, numbers, special characters

15. How to hack?…some examples
Password cracking - dictionary attacks, brute
forcing attacks, hybrid attacks, syllable
attacks and rule-based attacks
Other types of attacks – shoulder surfing,
social engineering, dumpster diving, wire
sniffing, Man-in-the-Middle, password
guessing, keylogger

16. How to hack?
LIVE DEMO
Keylogger
Sniffing
Web-cloning
Google Hacking
NTFS Streams
DNS Spoofing

17. Thank you
http://jayitsecurity.blogspot.com