
Gurukul work shop ppt

Date post: 03-Jan-2016
Upload: rajan-khandelwal
Description:
It's a PPT for students; they can download it from here or from my website www.officialrajankhandelwal01.weebly.com
Page 1: Gurukul work shop ppt

AAKANKSHA INTERNATIONAL SCHOOL-THE GURUKUL,

NAGAUR

ETHICAL HACKING WORKSHOP BY

RAJAN KHANDELWAL (CYBER CRIME SECURITY EXPERT CERTIFIED)

SACHIN PUNIYA (TRAINER UNDER ANKIT FADIYA & SUNNY VAGELA)

Page 2: Gurukul work shop ppt

TOPICS OF WORKSHOP

ETHICAL HACKING INTRODUCTION.

INTRODUCTION TO INFORMATION GATHERING & FOOTPRINTING

PHISHING (GMAIL HACKING, FACEBOOK HACKING)

CYBER FORENSICS.

VIRUS, WORMS, KEYLOGGERS, SNIFFERS, TROJANS.

Page 3: Gurukul work shop ppt

TOPICS

SYSTEM HACKING & SECURITY.

GOOGLE HACKING

REVERSE ENGINEERING.

MOBILE AND BLUETOOTH HACKING.

STEGANOGRAPHY

Page 4: Gurukul work shop ppt

TOPICS

FIREWALLS AND DNS.

WEBSITE HACKING(ONLY SQL INJECTION).

Page 5: Gurukul work shop ppt

1) ETHICAL HACKING INTRODUCTION

1. WHAT IS HACKING?

2. WHAT IS ETHICAL HACKING AND WHO ARE ETHICAL HACKERS?

3. WHAT ARE THE TYPES OF ETHICAL HACKERS?

Black hat, White hat, Grey hat, Script kiddies, Undergo Employees.

Page 6: Gurukul work shop ppt

Hacker's development cycle

Reconnaissance - the basic information gathering about the target system.

Scanning - probing the target system for open ports and the services running on those open ports (65570 ports).

Gaining Access - the actual access to the target system, obtained by exploiting it.

Maintaining Access - keeping access to the system even after leaving it, so as not to perform all the steps from the start.

Cleaning tracks - removing footprints, if any, so as to remain undetected on the system.

Page 7: Gurukul work shop ppt

Practicals

Global IP address - www.ipcow.com

To find dedicated and shared servers - www.yougetsignal.com

To check the IP address and contact details of any website - Who.is website, Sam Spade software.

To copy a full website and view it offline - WinHTTrack Website Copier.

To see a website as it was in the past - Wayback Machine.

Page 8: Gurukul work shop ppt

To change the right-click properties, go to Run and type regedit.

In regedit go to My Computer, then HKEY_CLASSES_ROOT.

Then search for the name "Folder".

Under Folder there is shell, then open.

Change the content of Default as you want.

To ping any website:

C:\>cd \

C:\>ping www.websitename.com

Page 9: Gurukul work shop ppt

To change hard disk options:

Go to Run and type gpedit.msc

User Configuration.

Admin privileges.

Windows Components.

Windows Explorer - look at its right-hand side and change the settings as you want.

Page 10: Gurukul work shop ppt

INTRODUCTION TO INFORMATION GATHERING AND FOOTPRINTING

FOOTPRINTING IS THE PRE-ATTACK PHASE. IT HELPS US TO GATHER MAXIMUM INFORMATION ABOUT OUR VICTIM.

SCANNING IS A PROCESS OR TECHNIQUE OF GATHERING INTELLIGENT INFORMATION FOR AN ATTACKER.

WE FIND

1. IP ADDRESS

2. OPERATING SYSTEMS.

3. SYSTEM ARCHITECTURE.

4. SERVICES RUNNING ON EACH COMPUTER.

THREE TYPES OF SCANNING

PORT SCANNING, NETWORK SCANNING, VULNERABILITY SCANNING

Page 11: Gurukul work shop ppt

PRACTICALS

SOFTWARE TO SCAN PERSONS THAT ARE IN YOUR NETWORK IF YOU ARE WORKING ON WIFI OR IN ANY COMPANY

SOFTPERFECT NETSCAN FOR NETWORK SCANNING

SOFTWARE TO SCAN DETAILS OF ANY WEBSITE, ANY SERVER, ANY COMPUTER

ZENMAP OR NMAP (SCAN ANY WEBSITE)

C:\>nmap 192.168.150.1

Page 12: Gurukul work shop ppt

PHISHING (GMAIL, FACEBOOK HACKING)

PHISHING IS A TECHNIQUE THROUGH WHICH WE SEND A CLONE PAGE OF ANY WEBSITE TO THE VICTIM, AND AS THE VICTIM FILLS IN THE USERNAME AND PASSWORD WE GET THAT PASSWORD AND CAN ACCESS THE VICTIM'S MAIL OR WEBSITE ACCOUNT.

REQUIREMENTS:-

1. GMAIL FAKE PAGE .

2. PHP SCRIPT.

3. LOGS.txt.

4. FREE HOSTING WEBSITE.

Page 13: Gurukul work shop ppt

PRACTICAL

OPEN GMAIL.COM

RIGHT CLICK ON IT OR PRESS CONTROL+U.

IT'S THE PAGE SOURCE VIEW; COPY ALL OF THE PAGE

OPEN NOTEPAD AND PASTE IT

EDIT, FIND ACTION, CHANGE FILE TO NOKIA.PHP

AND SAVE THAT FILE AS GMAIL.HTML

NOW THAT FILE IS ON THE LOCAL MACHINE, BUT TO SEND IT TO ANY VICTIM WE HAVE TO UPLOAD IT TO A WEBSITE THROUGH WHICH IT CAN BE LINKED.

Page 14: Gurukul work shop ppt

CONTINUE

ANY WEB HOSTING SITE

WWW.T35.COM, WWW.110MB.COM, WWW.BYTEHOSTING.COM, 000WEBHOST.COM

MAKE YOUR ACCOUNT, THEN GO TO CONTROL PANEL, FILE MANAGER

MAKE NEW FOLDER, MAKE NEW DIRECTORY

UPLOAD NOKIA.PHP FILE, GMAIL.HTML (FAKE PAGE).

Page 15: Gurukul work shop ppt

CONTINUE

SEND THE LINK OF YOUR FAKE PAGE TO THE VICTIM

YOU WOULD GET THE USERNAME AND PASSWORD: IN THE LINK YOU SENT TO THE VICTIM, JUST CHANGE THE LAST ROOT FILE OF IT TO LOGS.TXT.

http://roam.hostingsiteforfree.com/nokia.php/logs.txt

http://roam.hostingsiteforfree.com/nokia.php/gmail.html

http://roam.hostingsiteforfree.com/nokia.php/facebook.html

Page 16: Gurukul work shop ppt

CYBER FORENSICS

Cyber forensics can be defined as the process of retrieving evidence deleted by the criminal from hard disks, pen drives, memory cards, laptop disks and portable hard disks.

The process takes place in two ways:

1. Recovering the deleted data

2. In case of damage, sorting the data out of a scrambled form.

Page 17: Gurukul work shop ppt

Continue

Formatting

1. Quick Formatting

2. Complete Formatting

Index     Application    Size

101001    ramayan.avi    850MB

Quick formatting is very quick, and once it is done your OS will not show you any content of the pen drive, so we think the data is deleted. In reality the data is still there after a quick format; only its index is gone. When the index is gone, the Windows OS cannot determine the location of the file and hence says the drive is empty.

Page 18: Gurukul work shop ppt

Continue

Complete Formatting: It deletes both the index and the data.

WhatsApp Forensic Recovery: Up to 7 days of chat can be recovered, because after the 7-day backup WhatsApp deletes the logs from your storage.

Page 19: Gurukul work shop ppt

Practical

How to recover WhatsApp messages

1. Take the phone whose messages you want to recover, copy the file called MySQL from the WhatsApp database to your computer and save it.

2. Go to the website www.recovermessages.com

3. Scan the MySQL file and you will have the messages of seven days.

Page 20: Gurukul work shop ppt

Continue

How to recover pendrive and hard disk drives?

For that a software tool is needed: EaseUS Data Recovery Professional.

In this software, select the drive which you want to recover; the first condition is that the drive was quick formatted.

Page 21: Gurukul work shop ppt

Viruses, worms, keyloggers, Trojans

What is a virus?

A malicious program; using this program will damage your system by injecting the virus into other programs.

What are worms?

Same as a virus, but they spread throughout the network.

What is a Trojan?

It is like data of the victim being used by someone else, not harming your computer.

Page 22: Gurukul work shop ppt

TROJANS

There are 2 types of Trojans:

1. DIRECT TROJAN - IT'S THE TROJAN IN WHICH YOU NEED TO HAVE THE IP ADDRESS OF THE VICTIM EVERY TIME.

2. REVERSE TROJAN - IT'S THE TROJAN IN WHICH YOU NEED TO HAVE THE IP ADDRESS OF THE VICTIM ONCE; AS IT CHANGES DYNAMICALLY THERE WILL BE EFFECT IN OUR ID WHICH WE WANT (VICTIM'S IP).

Page 23: Gurukul work shop ppt

PRACTICAL

DIRECT TROJANS ARE:

1. BEAST TROJAN V2.0

2. PRORAT

3. TROKOZAN

REVERSE TROJANS

1. CYBERGATE

2. DARKCOMET.

Page 24: Gurukul work shop ppt

CONTINUE

BEAST TROJAN

1. HOST IP address, port, build server

2. As the server is built there will be a file; we send it to the victim, and he clicks it.

3. And then we connect to the victim by clicking on Go Beast; now we can make any change.

DARKCOMET

1. CLIENT 2. EDIT SERVER 3. SERVER MODULE 4. TEST NETWORK 5. INSTALL MESSAGE 6. BUILD SERVER.

Page 25: Gurukul work shop ppt

Keyloggers (theory and practical)

What is a keylogger?

It is a tool which keeps a record of whatever you write on a PC or in a Notepad file: username, password etc.

Two types of keylogger

1. Local keylogger - Family Keylogger.

2. Remote keylogger - general keylogger.

Page 26: Gurukul work shop ppt

SYSTEM HACKING & SECURITY

What is system hacking?

It's the process in which we log into the victim's computer, or any person's computer which is locked, without the password or by changing the password.

There are 2 modes in which system hacking is done:

1. Online mode.

2. Offline mode.

Page 27: Gurukul work shop ppt

PRACTICALS

Online mode:

For Windows XP - command prompt: net user password

For Windows 7 and above - Manage options, Local Users, user Administrator (change password)

Offline mode:

1. Hiren's BootCD.

2. Kon-Boot CD.

Page 28: Gurukul work shop ppt

Security

Use Windows 8 or Ubuntu.

Use a BIOS password lock.

Set the boot priority to boot from the hard disk.

Change your password periodically.

Page 29: Gurukul work shop ppt

GOOGLE HACKING

Who discovered Google?

Larry Page and Sergey Brin in 1997, deployed in 1998 from Stanford University.

Google ranking: it is a page-rank algorithm that ranks websites according to their genuine content and their relevance, based on statistics such as hits on the websites and popularity among the cyberspace youth.

Google hacking is nothing but an advanced method of searching for required things on the internet, as Google's advanced search platform gives us a refined search.

Page 30: Gurukul work shop ppt

PRACTICALS

Define: computer.

Time: Gujarat.

Weather: America.

CCTV Camera Hacking with Google

DORK ----> "view/shtml"

Website Hacking with Google Hacks

XML Extraction attack

"app/etc./local.xml"

www.exploit-db.com -- to see more Google hacks.

Page 31: Gurukul work shop ppt

REVERSE ENGINEERING

Reverse engineering is used to redevelop something.

Required things:

1. Debugger, and

2. Application you want to crack.

Page 32: Gurukul work shop ppt

Practical

Here I am using OllyDbg as the debugger and SMAC as the application to crack.

Step 1: Open SMAC and type anything in the registration key box. It will come back with an error like "Invalid Registration ID".

Step 2: Open OllyDbg. Go to File-->Attach and attach the SMAC application. Go to View-->All Executable Modules. Click on SMAC.EXE. It will open a new window with all the executable modules of SMAC.

Page 33: Gurukul work shop ppt

Practical

Step 3: Right-click, choose "Search for text", and then right-click again on "All referenced text strings". Try to find the KEY of the application, which will be like XXXX-XXXX-XXXX-XXXX. Analyze each line. You will find "SMC2U-" is the starting key value for all editions of the software. Now find the rest of the key.

Step 4: Key is 67BF-89E7-00E6-56C1-1F07. So the total key is SMC2U-67BF-89E7-00E6-56C1-1F07. Close OllyDbg. Open SMAC and enter this key.

Page 34: Gurukul work shop ppt

Continue

Step 5: Now you will get an error like "Invalid Registration ID entered". Now do the same thing as we did previously: attach SMAC, view the executable modules and search for the text "Invalid Registration ID entered". You will find that string 4 times. Now we will terminate the process by changing the address of "Invalid Registration ID entered" to "Product has been successfully registered". The address of "Product has been successfully registered" is 004874EF. First we have to double-click on the "Invalid Registration ID entered" row; it will open a new window.

Step 6: Select or click on "Invalid Registration ID entered" and then press Space. Replace the text in the box with JMP 004874EF. Now click on Assemble and then Cancel. It will terminate the process and jump to the success method. Do the same thing for the other 3 "Invalid Registration ID entered" entries.

Page 35: Gurukul work shop ppt

Continue

Step 7: After changing the address, right-click on the window that opened and click on "Copy to executable"-->"All Modifications". Again a new window will come up. Right-click again and choose "Save file". Give any name to the file.

Step 8: Now open the file; it will show you a message "This product has been modified and will shut down". Now open OllyDbg again and do the same process: search for the text "This product has been modified and will shut down". After finding it, right-click on it and find any JMP statement in the assembly code. If you find JE then convert it to JNE, and vice versa.

Page 36: Gurukul work shop ppt

Continue

Step 9: You will find the JE above the "This product has been modified and will shut down" statement; select it and press the Space bar. Now change JE 004660CE to JNE 004660CE. Save the file as we did above. Now open the file and give the reg ID as SMC2U-anything you want; you will get a success message.

Page 37: Gurukul work shop ppt

Practical (to crack WinRAR)

Download WinRAR (trial version)

Download Resource Hacker.

1. Open file winRAR.exe --> dialogue --> reminder --> 1033 --> delete resource --> save the file --> crack folder --> winrar.exe --> now copy that new exe file to original folder of WinRAR --> replace original file with cracker file

So now your WinRAR is there for lifetime

Page 38: Gurukul work shop ppt

MOBILE HACKING AND BLUETOOTH HACKING

Mobile hacking actually means attacks on the operating system of mobile phones, and also methods to track a mobile handset.

For Android phones:

Rooting your Android phone means getting its superuser rights; with them you have permission to install custom software, increase battery life etc.

For iPhones it is jailbreaking, which is similar to rooting.

Page 39: Gurukul work shop ppt

Practicals

ROOTING of ANDROID phone

Step 1: Turn on USB DEBUGGING in your phone

Step 2: Download Unlock Root from its official website

http://www.unlockroot.com

Now just open the Unlock Root application by double-clicking on the runnable file

Connect the phone to the computer through a USB cable and your phone will be detected automatically

Now click on Root and your phone will be rooted. It will ask to install a power saver application, and finally it will ask to reboot your phone; reboot it.

Page 40: Gurukul work shop ppt

Continue

Jailbreaking an iPhone:

Open http://www.jailbreakme.com in the Safari browser on your iPhone 4

When the full page loads, slide your finger on "slide to jailbreak"

After a few minutes the phone will be jailbroken and a Cydia icon will appear; click on Cydia

Here click on first-time user; it will take time to load. On the next screen click on Sources and then click on the Edit button

The Cydia buttons will change and you have to choose Add; keep in mind that you must be connected to the internet. Now select the version of AppSync.

Page 41: Gurukul work shop ppt

TRACING A MOBILE NUMBER

Step 1: Go to www.way2sms.com

Register yourself there, and then on the right-hand side you will see the option to find mobile location

Just feed in the number and you will get the location and company of the mobile number.

Another website for this is indiatrace.com

Page 42: Gurukul work shop ppt

Bluetooth hacking

Go to www.hack.pt.tp

Download Super Bluetooth Hack v1.7

Then install it on your Java-supported phone

And then follow along as shown in the video.

Page 43: Gurukul work shop ppt

STEGANOGRAPHY

It is the science of hiding information.

It is hiding text files in pictures, audio (mp3) files and video files.

Basically used by terrorists in the 9/11 attacks on the USA

Page 44: Gurukul work shop ppt

Practical

First make a Notepad file and save it as "secret.txt"

Next we need a picture: any image.jpg

Now go to the command prompt and type

copy /b image.jpg+secret.txt secretimage.jpg

1 file copied (it's a way in the command prompt)

Using a GUI we use S-Tools, which accepts only bmp image files
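A defender's check for the copy /b method above, as an added example that is not part of the original slides: it walks the JPEG segment structure to the real End Of Image marker and returns any bytes appended after it. The sample bytes are constructed for illustration and the function names are this example's own.

```python
import struct

EOI, SOS = 0xD9, 0xDA

def _skip_scan(data: bytes, pos: int) -> int:
    """Skip entropy-coded data; FF00 is a stuffed byte, FFD0-FFD7 are restarts."""
    while pos + 1 < len(data):
        nxt = data[pos + 1]
        if data[pos] == 0xFF and nxt not in (0x00, 0xFF) and not 0xD0 <= nxt <= 0xD7:
            return pos                      # a real marker starts here
        pos += 1
    return len(data)

def find_jpeg_end(data: bytes) -> int:
    """Return the offset just past the image's own EOI marker."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        while pos < len(data) and data[pos] == 0xFF:    # skip fill bytes
            pos += 1
        if pos >= len(data):
            break
        marker = data[pos]
        pos += 1
        if marker == EOI:
            return pos
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:    # no length field
            continue
        if pos + 2 > len(data):
            break
        (seg_len,) = struct.unpack(">H", data[pos:pos + 2])
        pos += seg_len                      # length counts its own two bytes
        if marker == SOS:
            pos = _skip_scan(data, pos)
    raise ValueError("truncated JPEG: no EOI marker found")

def trailing_payload(data: bytes) -> bytes:
    """Bytes that follow the image, e.g. a text file appended with copy /b."""
    return data[find_jpeg_end(data):]

# Constructed sample: a valid marker layout, not a decodable picture.
CLEAN = (
    b"\xff\xd8"
    + b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00" + bytes(9)
    # APP1 carrying thumbnail-style SOI/EOI markers that must be skipped by length
    + b"\xff\xe1" + struct.pack(">H", 12) + b"Exif\x00\x00" + b"\xff\xd8\xff\xd9"
    + b"\xff\xda" + struct.pack(">H", 8) + bytes(6)
    + b"\x12\x34\xff\x00\x56\xff\xd0\x78"   # scan data with a stuffed byte and RST0
    + b"\xff\xd9"
)
STEGO = CLEAN + b"constructed secret text\r\n"  # what copy /b would produce

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("stego", STEGO)):
        extra = trailing_payload(blob)
        print(f"{name}: {len(extra)} trailing bytes {extra[:40]!r}")
```

Walking the segments rather than searching for the last FFD9 matters because an embedded thumbnail has its own EOI and appended data may itself contain those two bytes.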

Page 45: Gurukul work shop ppt

FIREWALLS

A firewall in computer terms can be defined as the gatekeeper which checks the genuineness of every data packet coming into and going out from the computer. Mainly it is deployed to protect our computer from external attacks, like malicious URL attacks, remote exploits like netapi, viruses etc.

Company Colleges Restrictions

Establishing ID

Establishing UTMs

Establishing Firewalls

Page 46: Gurukul work shop ppt

Practicals

1. Software Firewall: can be defined as application software which is installed on Windows or any other operating system and then starts its scanning and protection mechanism.

Top software firewalls

1. Zone Alarm Firewall 2. Viper Internet Security 2013

*Limitations of Software Firewall*

- Can easily be corrupted and infected

- Unable to protect servers and other OS from zero-day attacks

Page 47: Gurukul work shop ppt

Practical

2. Hardware Firewall: can be defined as a piece of hardware that can be deployed in the organization to protect it from external as well as internal attacks. As it is a piece of hardware, it always comes in a read-only ROM chip that cannot easily be infected by any virus or exploit.

Hardware Firewalls Available

1. Juniper Hardware Firewall (UTM: unified threat management system).

2. Nebero (Anti-Porn)

3. Cyberoam (Indian company, Ahmedabad, Client)

Page 48: Gurukul work shop ppt

Set up a free firewall

Name - OpenDNS

Website Control Panel: www.opendns.com

Support: Servers, Windows, LAN and MAN up to 5k users.

Deployment: For personal PC, for LAN router, for college, university and organization etc.

Page 49: Gurukul work shop ppt

WEBSITE HACKING

What is a website?

A website can be defined as a platform to present information about a company, person, organization etc.

Websites are of two types

1. Static Websites: Static websites can be defined as websites which are not driven by a proper database. Almost all static websites are developed in HTML, with hardly any response feature from the end. These websites do not have any control panel; they are mostly managed through FTP clients connected to the hosting server.

Page 50: Gurukul work shop ppt

Continue

2. Dynamic Websites: These can be defined as websites having a large number of databases installed, with features to insert new data, fetch new data, delete data etc. These websites have their own control panels from which the admin changes the settings as required. They have properties like Read, Write, Delete, Insert etc. which are not available in static websites. Dynamic websites use databases like MySQL, SQL Server, Oracle etc.

Parts of a Web Application

Front end: where the user fills in the data; when the user clicks on submit, the data goes to the database.

Back end: the database where the requested data is stored.

Page 51: Gurukul work shop ppt

Continue

SQL (Structured Query Language)

It is a technology that takes the data from the front end and stores it in the back end, and when required does the reverse.

Admin Login Page

The page from which the administrator enters the control panel of the website and makes the needed changes.

"adminlogin.php" "admin/login.php" "administrator.php" "login/admin.php"

"adminlogin.asp" "admin/login.asp" "adminstrator.asp" "login/admin.asp"

"adminlogin.aspx" "admin/login.aspx" "adminstrator.aspx" "login/admin.aspx"

Page 52: Gurukul work shop ppt

Continue

When you find the admin page, you need to enter a username and password

Write 'or' '=' in the username and password fields

Use proxies while hacking

If time is left, I will teach you error-based SQL injection and XSS vulnerabilities

Page 53: Gurukul work shop ppt

BONUS (Wi-Fi cracking)

What is WI-FI hacking?

It is cracking wireless routers and connections which are available but are WEP, WPA or WPA-2 secured.

Requirements:

1. BackTrack 5 R1

2. ATHEROS ADAPTER AS WIRELESS CARD

Go to Exploitation Tools, Gerix Wi-Fi Cracker; through this you can crack your Wi-Fi

Page 54: Gurukul work shop ppt

QUERIES

For any enquiries & questions, contact on

Facebook-https://www.facebook.com/rajan.khandelwal.98

Gmail- http://[email protected]

My WEBSITE-officialrajankhandelwal01.weebly.com

On whatsapp only ques 9414463477

YOU can follow me on TWITTER-

AND MR SACHIN PUNIYA

Sachinpuniya.blogspot.com

Facebook-https://www.facebook.com/sachin.puniya

