Ethical Hacking – Password Hacking

We have passwords for emails, databases, computer systems, servers, bank accounts, and virtually everything that we want to protect. Passwords are in general the keys to get access into a system or an account.

In general, people tend to set passwords that are easy to remember, such as their date of birth, names of family members, mobile numbers, etc. This is what makes the passwords weak and prone to easy hacking.

One should always take care to have a strong password to defend their accounts from potential hackers. A strong password has the following attributes:

·        1. Contains at least 8 characters

·        2. A mix of letters, numbers, and special characters

·        3. A combination of small and capital letters.

Dictionary Attack

In a dictionary attack, the hacker uses a predefined list of words from a dictionary to try and guess the password. If the set password is weak, then a dictionary attack can decode it quite fast. Hydra is a popular tool that is widely used for dictionary attacks. Take a look at the following screenshot and observe how we have used Hydra to find out the password of an FTP service.

Hybrid Dictionary Attack

Hybrid dictionary attack uses a set of dictionary words combined with extensions. For example, we have the word “admin” and combine it with number extensions such as“admin123”, “admin147”, etc. Crunch is a wordlist generator where you can specify a standard character set or a character set. Crunch can generate all possible combinations and permutations. This tool comes bundled with the Kali distribution of Linux.

Brute-Force Attack

In a brute-force attack, the hacker uses all possible combinations of letters, numbers, special characters, and small and capital letters to break the password. This type of attack has a high probability of success, but it requires an enormous amount of time to process all the combinations. A brute-force attack is slow and the hacker might require a system with high processing power to perform all those permutations and combinations faster. John the Ripper or Johnny is one of the powerful tools to set a brute-force attack and it comes bundled with the Kali distribution of Linux.

Rainbow Tables

A rainbow table contains a set of predefined passwords that are hashed. It is a lookup table used especially in recovering plain passwords from a cipher text. During the process of password recovery, it just looks at the pre-calculated hash table to crack the password. The tables can be downloaded from http://project-rainbowcrack.com/table.htm

RainbowCrack 1.6.1 is the tool to use the rainbow tables. It is available again in Kali distribution.

Quick Tips

• ·        Don’t note down the passwords anywhere, just memorize them.
• ·        Set strong passwords that are difficult to crack.
• ·        Use a combination of alphabets, digits, symbols, and capital and small letters.
• ·        Don’t set passwords that are similar to their usernames.

Ethical Hacking − Terminologies

FOLLOWING IS A LIST OF IMPORTANT TERMS USED IN THE FIELD OF HACKING

· Adware: Adware is software designed to force pre-chosen ads to display on your system.

· Attack: An attack is an action that is done on a system to get its access and extract sensitive data.

· Back door: A back door, or trap door, is a hidden entry to a computing device or software that bypasses security measures, such as logins and password protections.

· Bot: A bot is a program that automates an action so that it can be done repeatedly at a much higher rate for a more sustained period than a human operator could do it. For example, sending HTTP, FTP or Telnet at a higher rate or calling script to create objects at a higher rate.

· Botnet: A botnet, also known as zombie army, is a group of computers controlled without their owners’ knowledge. Botnets are used to send spam or make denial of service attacks.

· Brute force attack: A brute force attack is an automated and the simplest kind of method to gain access to a system or website. It tries different combination of usernames and passwords, over and over again, until it gets in.

· Buffer Overflow: Buffer Overflow is a flaw that occurs when more data is written to a block of memory, or buffer, than the buffer is allocated to hold.

· Clone phishing: Clone phishing is the modification of an existing, legitimate email with a false link to trick the recipient into providing personal information.

· Cracker: A cracker is one who modifies the software to access the features which are considered undesirable by the person cracking the software, especially copy protection features.

· Denial of service attack (DoS): A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet.

· DDoS: Distributed denial of service attack.

· Exploit Kit: An exploit kit is software system designed to run on web servers, with the purpose of identifying software vulnerabilities in client machines communicating with it and exploiting discovered vulnerabilities to upload and execute malicious code on the client.

· Exploit: Exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability to compromise the security of a computer or network system.

· Firewall: A firewall is a filter designed to keep unwanted intruders outside a computer system or network while allowing safe communication between systems and users on the inside of the firewall.

· Keystroke logging: Keystroke logging is the process of tracking the keys which are pressed on a computer (and which touchscreen points are used). It is simply the map of a computer/human interface. It is used by gray and black hat hackers to record login IDs and passwords. Keyloggers are usually secreted onto a device using a Trojan delivered by a phishing email.

· Logic bomb: A virus secreted into a system that triggers a malicious action when certain conditions are met. The most common version is the time bomb.

· Malware: Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other malicious programs.

· Master Program: A master program is the program a black hat hacker uses to remotely transmit commands to infected zombie drones, normally to carry out Denial of Service attacks or spam attacks.

· Phishing: Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking emails, in an attempt to gather personal and financial information from recipients.

· Phreaker: Phreakers are considered the original computer hackers and they are those who break into the telephone network illegally, typically to make free long distance phone calls or to tap phone lines.

· Rootkit: Rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.

· Shrink Wrap code: A Shrink Wrap code attack is an act of exploiting holes in unpatched or poorly configured software.

· Social engineering: Social engineering implies deceiving someone with the purpose of acquiring sensitive and personal information, like credit card details or user names and passwords.

· Spam: A Spam is simply an unsolicited email, also known as junk email, sent to a large number of recipients without their consent.

· Spoofing: Spoofing is a technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.

· Spyware: Spyware is software that aims to gather information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge.

· SQL Injection: SQL injection is an SQL code injection technique, used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

· Threat: A threat is a possible danger that can exploit an existing bug or vulnerability to compromise the security of a computer or network system.

· Trojan: A Trojan, or Trojan Horse, is a malicious program disguised to look like a valid program, making it difficult to distinguish from programs that are supposed to be there designed with an intention to destroy files, alter information, steal passwords or other information.

· Virus: A virus is a malicious program or a piece of code which is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data.

· Vulnerability: A vulnerability is a weakness which allows a hacker to compromise the security of a computer or network system.

· Worms: A worm is a self-replicating virus that does not alter files but resides in active memory and duplicates itself.

· Cross-site Scripting: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side script into web pages viewed by other users.

· Zombie Drone: A Zombie Drone is defined as a hi-jacked computer that is being used anonymously as a soldier or 'drone' for malicious activity, for example, distributing unwanted spam e-mails.

HOW TO INSTALL WINDOWS ON A MAC

Boot Camp

Boot Camp helps you install Microsoft Windows on your Mac. After installing, restart your Mac to switch between macOS and Windows.

What You Need

·         An Intel-based Mac

·         A Microsoft Windows installation media or disk image (ISO) containing a 64-bit version of Microsoft Windows 7 or later
Read more about system requirements to find out whether your Mac supports installing a specific version of Windows, or to learn about installing older versions of Windows. If you’re installing Windows for the first time, use a full installation (not an upgrade) disc or disk image.

·         An Apple keyboard, mouse, or track pad, or a USB keyboard and mouse

·         At least 55 GB of free disk space on your startup drive

·         For most Mac models, you also need a blank 16 GB or larger USB flash drive.

Install and Open Boot Camp Assistant

Connect a blank USB flash drive

Format your Windows Partition

When you complete the assistant, Mac restarts to the Windows installer. When you’re 

asked where you want to install Windows, select the BOOTCAMP partition, then click Format.This step is only required if you’re using a flash drive or optical drive to install Windows. In all other cases, the correct partition is selected and automatically formatted for you..

Install Windows and Restart your Computer

After Windows is installed, you can switch between macOS and Windows. Use the Startup Disk preference pane in macOS, or the Boot Camp system tray item in Windows to select your startup disk, then restart your computer.

Boot Camp comes with your Mac and lets you install Microsoft Windows. No need to download anything yourself — just open Boot Camp Assistant and it will guide you through the rest.

DVD/CD DRIVES NOT SHOWING UP IN WINDOWS EXPLORER - WINDOWS XP FIX

If you can't see your optical drives (CD/DVD Drives/Writers) in My Computer window, follow these solutions to fix the issue.


OPTION 1

a) Right click on my computer (or type diskmgmt.msc on run window: on this way you can go to step d directly)
b) Click on manage 
c) then click on disk management 
d) then right click on your device - DVD/CD
e) select Change Drive letter and path
f) Assign a Drive letter.

OPTION 2

1.Go to start, run and type regedit. Locate the key

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}.

2.Locate the values on the right for UpperFilters, and/or LowerFilters. Remove these values; then reboot your computer. Be careful here, there are very few second chances when it comes to the registry.

3.Restart the Computer 


OPTION 3

If you cant find the above registry key , Open Command Prompt as Administrator, and copy the below code and press enter to add. Restart the computer
reg.exe add "HKLM\System\CurrentControlSet\Services\atapi\Controller0" /f /v EnumDevice1 /t REG_DWORD /d 0x00000001

OPTION 4

1. Open Device Manager using devmgmt.msc command and enable "View -> Show hidden devices" option. Now locate the DVD/CD-ROM drives and IDE ATA/ATAPI controllers items.

2. Right-click on each entry present under both "DVD/CD-ROM drives" and "IDE ATA/ATAPI controllers" sections one bye one and select Uninstall.

3. Once all have been removed, right-click again and select Scan for hardware changes.

The drives will be rediscovered and when the drivers are loaded back, the drives will re-appear in My Computer window.

4. Restart your computer.

ACTIVE DIRECTORY: MANAGING USERS AND GROUPS WITH POWERSHELL

Automate Active Directory PowerShell scripts

"To use the Microsoft cmdlets, you must have a Windows Server 2008 R2 domain controller (DC), or you can download and install the Active Directory Management Gateway Service on legacy DCs."

“Download Remote Server Administration Tools on client machine”

Open Programs in Control Panel and select Turn Windows Features On or Off. Scroll down to Remote Server Administration Tools and expand Role Administration Tools D DS and AD LDS Tools > Active Directory Module for Windows PowerShell. Enable Active Directory Module.

Open the PowerShell console and type the following command to see which commands are in the module:

PS> Get-Command -Module ActiveDirectory

"User name Taken for the below commands -Tmantra"

 

·       Find Users

PS> Get-AdUser -Identity 'Tmantra'

·       Create Users

$NewUserParameters = @{
    'GivenName' = 'Tech'
    'Surname' = 'Mantra'
    'Name' = 'Tmantra'
    'AccountPassword' = (ConvertTo-SecureString 'p@$$w0rd10' -AsPlainText -Force)
    'ChangePasswordAtLogon' = $true
}

New-AdUser @NewUserParameters

·       Add users to Groups

Add-AdGroupMember -Identity 'Manager' -Members 'Tmantra'

·       Delete a User

Remove-ADUser Tmantra -whatif

·       Reset a User Password

PS C:\> $newpwd = Read-Host "Enter the new password" -AsSecureString

 Enter the new password:

PS C:\> Set-ADAccountPassword Tmantra -NewPassword $newpwd –Reset

·       Disable and Enable User account

PS C:\> Disable-ADAccount Tmantra

PS C:\> Enable-ADAccount Tmantra

·       Unlock User Account

PS C:\> Unlock-ADAccount Tmantra

Automate Creation of Users

We can combine these commands when the human resources department provides a CSV file that lists new users to create in Active Directory. The CSV file might look like this:

"FirstName","LastName","UserName"
"Adam","Bertram","abertram"
"Joe","Jones","jjones"

To create these users, write a script that invokes the New-AdUser command for each user in the CSV file. Use the built-in Import-Csv command and a foreach loop in PowerShell to go through the file and give users the same password.

Import-Csv -Path C:\Employees.csv | foreach {

    $NewUserParameters = @{

        'GivenName' = $_.FirstName

        'Surname' = $_.LastName

        'Name' = $_.UserName

        'AccountPassword' = (ConvertTo-SecureString 'p@$$w0rd10' -AsPlainText -Force)

    }

    New-AdUser @NewUserParameters

}

How to turn off Windows Update in Windows 10

If you face slowdown of computer due to updates downloading and installing in the background, the following tips will help you to turn off Windows updates in Windows 10

OPTION 1  SET AS METERED CONNECTION

Setting your network connection to ‘Metered’, stops Windows 10 from automatically downloading the Updates. 

Settings app > Network & Internet > WiFi > Advanced options. Move slider to On position for Set as metered connection.

OPTION 2  DISABLING WINDOWS UPDATE SERVICE


By disabling the windows update service you can also disable Automatic Updates from Microsoft.

Control Panel  >  All Control Panel Items > Administrative Tools >  Services.

Find windows update service from the list > Right Click on the service > Properties >  Startup Type > Select Disabled.

note: you will have to go to the Services and turn it on once in a while to download and update your copy of Windows.

OPTION 3  GROUP POLICY

Run > gpedit and navigate to the following policy setting:

Computer Configuration > Administrative Templates > Windows Components > Windows Update.

On the right-side, double-click on Configure Automatic Updates and change it to disabled