HACKING VS CRACKING - PowerPoint Presentation

Slide1

HACKING VS CRACKING

VISHVESHWARYA GROUP OF INSTITUTIONS

B.TECH: CS Vth C

Presented by: SHIVASHISH PANDEYSlide2

ABSTRACT

Hacking is

like a spell of using

source code and learning how things work. Cracking is illegally breaking into computer systems and stealing information. It is all about the hacking and cracking methods sharing as both an ideal and a practical strategy of views.

Various security exploits and viruses and cracking software are described in order to achieve an answer about … hacking VS cracking

Overall the purpose of security and the legal and illegal measures of hackers and crackers. --- shivashish

pandeySlide3

INTRODUCTIONSlide4

Computer hacking, including the following types of activity:

• Hacker (programmer subculture),

activity within the computer programmer subculture

•Hacker (computer security),

to access computer networks, legally or otherwise

•Computer crimeSlide5

Hacker (programmer subculture)

A hacker is an disciple of the subculture that originally emerged in academia in the 1960s spirit of playfulness and exploration is termed hacking.

Hacking entails exploring limits of what is possible, excellence , thereby doing something exciting and meaningful , this cleverness can be said to have "hack value" and are termed hacks.

hacker primary focus — be it to malign or benevolent purposes — lies in exploiting weaknesses in computer securitySlide6

Hacker (computer security)

Hacker (computer security)

hacker

 is someone who seeks and exploits weaknesses in a computer system or computer network and referred to computer underground community.

They takes advantage of a known weakness , Commonly security exploits are SQL injection, Cross Site Scripting and Cross Site Request Forgery.

Other exploits used through FTP, HTTP, PHP,SSH, Telnet and some web-pages. A very common in website/domain hacking.

•Secure operating systems

•Security by design

•Secure codingSlide7

Security exploits

A security exploit is a prepared application that takes advantage of a known weakness. examples SQL injection , Cross Site Scripting and Cross Site Request Forgery which abuse security holes that may result from substandard programming practice. Other exploits would be able to be used through FTP, HTTP, PHP, SSH, Telnet and some web-pages. These are very common in website/domain hacking.

Techniques

This section does not cite any references or sources. Please help improve this section by adding citations to reliable sources. Un sourced material may be challenged and removed. (August 2011)

Vulnerability scanner

A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Note that firewalls defender computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.)Slide8

Password cracking

is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.

packet sniffer

is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.

A

rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a

rootkit

will obscure its installation and attempt to prevent its removal through a subversion of standard system security.

Rootkits

may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.Slide9

Trojan horse

is a program which Seems to be do one thing, but is actually doing another. It can be used to set up a back

Door in a computer system such that

intruder can gain access later.

Virus: self replicating programs, spread by inserting copies of it’s into other insert able code or documents. so a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells. While some are harmless or mere hoaxes.

Worm is also a self replicating program differs from a virus that it interact through computer networks without user

intervention

. Unlike a virus, it does not need to attach itself to existing program.

key logger

: tool record ('log') every keystroke on an affected machine for later retrieval. Its purpose is allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other.Slide10

A typical approach in an attack on Internet-connected system is:

Network enumeration

: Discovering information about the intended target.

Vulnerability analysis: Identifying potential ways of attack.Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.

In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.

Fake applications

Few of tricks are to make a fake applications and users use it for a goal it shows always a fake results. Contains of differ viruses, worms and key loggers etc. to data access or fraud.

In order to access data or may to harm computer security for a purpose with variant approaches by security experts.Slide11

Computer Crime

A computer can be a source of evidence. Even when a computer is not directly used for criminal purposes, may contain records of value to criminal investigators. [citation needed]

Penalties for computer related crimes in New York State can range from a fine and a short period of jail time for a Class A misdemeanor such as unauthorized use of a computer up to computer tampering in the first degree which is a Class C felony and can

carry 3 to 15 years in prisonSlide12

Documented cases

One of the

highest profiled

banking computer crime occurred during a course of three years beginning in 1970.The chief teller at the Park Avenue branch of New York's Union Dime Savings Bank embezzled over

$1.5 million from hundreds of accounts.A hacking group called

MOD (Masters of Deception), allegedly stole passwords and technical data from Pacific Bell, Nynex, and other telephone companies as well as several big credit agencies and two major universities. The damage caused was extensive, one company, Southwestern Bell suffered losses of $370,000 alone.

In 1983,

a nineteen-year-old UCLA student used his PC to break into a Defense Department international communications system.[14]

Between

1995

and

1998

the News

corp

satellite pay to view encrypted SKY-TV service was hacked several times during an on-going technological arms race between a pan-European hacking group and News corp. The original motivation of the hackers was to watch Star Trek re-runs in Germany; which was something which News

corp

did not have the copyright to allow.Slide13

On 26 March 1999, the Melissa worm infected a document on a victim's computer, then automatically sent that document and copy of the virus via e-mail to other people.

In February 2000 a individual going by the alias of Mafia Boy began a series denial-of-service attacks against high profile websites, including Yahoo!, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN. About fifty computers at Stanford University, and also computers at the University of California at Santa Barbara, were amongst the zombie computers sending pings in

DDoS

attacks.

On 3 August 2000, Canadian federal prosecutors charged Mafia Boy with 54 counts of illegal access to computers, plus a total of ten counts of mischief to data for his attacks.

The Russian Business Network (RBN) was registered as an internet site in 2006. Initially, much of its activity was legitimate. But apparently the founders soon discovered that it was more profitable to host illegitimate activities and started hiring its services to criminals. The RBN has been described by VeriSign as "the bad of the bad".Slide14

It offers web hosting services and internet access to all kinds of criminal and objectionable activities, with an individual activities earning up to $150 million in one year. It specialized in and in some cases monopolized personal identity theft for resale. It is the originator of M Pack and an alleged operator of the now defunct Storm

botnet

.

On 2 March 2010, Spanish investigators arrested 3[clarification needed] in infection of over 13 million computers around the world. The "botnet" of infected computers included PCs inside more than half of the Fortune 1000 companies and more than 40 major banks, according to investigators.In August 2010 the international investigation Operation

Delego, operating under the aegis of the Department of Homeland Security, shut down the international pedophile ring Dreamboard

. The website had approximately 600 members, and may have distributed up to 123 terabytes of child pornography (roughly equivalent to 16,000 DVDs). To date this is the single largest U.S. prosecution of an international child pornography ring; 52 arrests were made worldwide.[17]On March 1, 2011 at Lassiter High School, two students were accused of impersonation of a staff member via cybercrime, but both claimed they were uninvolved. The offense was made a felony in the Cobb County School District two months after the impersonation had happened. Shortly afterwards, the head of the LHS School Board said "The teacher just wouldn't do this at all". The case ended on May 9, and no evidence was found.Slide15

It offers web hosting services and internet access to all kinds of criminal and objectionable activities, with an individual activities earning up to $150 million in one year. It specialized in and in some cases monopolized personal identity theft for resale. It is the originator of

MPack

and an alleged operator of the now defunct Storm

botnet.On 2 March 2010, Spanish investigators arrested 3[clarification needed] in infection of over 13 million computers around the world. The "

botnet" of infected computers included PCs inside more than half of the Fortune 1000 companies and more than 40 major banks, according to investigators.In August 2010 the international investigation Operation

Delego, operating under the aegis of the Department of Homeland Security, shut down the international pedophile ring Dreamboard. The website had approximately 600 members, and may have distributed up to 123 terabytes of child pornography (roughly equivalent to 16,000 DVDs). To date this is the single largest U.S. prosecution of an international child pornography ring; 52 arrests were made worldwide.

On March 1, 2011 at Lassiter High School, two students were accused of impersonation of a staff member via cybercrime, but both claimed they were uninvolved. The offense was made a felony in the Cobb County School District two months after the impersonation had happened. Shortly afterwards, the head of the LHS School Board said "The teacher just wouldn't do this at all". The case ended on May 9, and no evidence was found.Slide16

CRACKING

Cracking is illegally breaking into computer systems and stealing information. And modification of software to remove or disable features cracking the software (copy protection, protection against the manipulation of software),trial/demo version, serial number, hardware key, date checks.Slide17

Software cracking

 is the modification to remove or disable features which are considered undesirable by the person cracking the software, usually related to 

protection methods

, trial/demo version, serial number, hardware key, date checks, CD check or software annoyances like nag screens.The distribution and use of cracked copies is illegal in most countries. There have been lawsuits over cracking software

Methods

Most common crack is modification of an application's binary to cause or prevent a specific key branch in the program's execution.

reverse engineering compiled program code using a debugger such as

SoftIC

,

OllyDbg

, GDB, or MacsBug until the software cracker reaches the subroutine that contains the primary method of protecting the software Binary is then modified using the debugger or a hex editor or monitor in a manner replaces a prior branching

opcode

with its complement or a NOP

opcode

, so the key branch will always execute a specific subroutine or skip over it.Slide18

There are some crack that removes the expiration period from a time-limited trial of an application. disassembling an executable file with a program such as

OllyDbg

.

These cracks are usually programs that patch the program executable and sometimes the .

dll or .so linked to the application.

Another method is the use of CloneCD to scan for the use of a commercial copy protection . After discovering software use to protect application, another tool may be used to remove the copy protection from software on the CD or DVD. This may enable another program such as Clone DVD, Games, or Daemon Tools to copy the protected software to a user's hard disk.Slide19

In other ways, it may be possible to decompile a program in order to get access to original source code or code on a level higher than machine code. Possible with scripting language & utilizing compilation. Cracking (or debugging)on .NET platform where one might consider manipulating CIL to achieve one's needs. Java's byte code also works in a similar fashion in which there is medium language before program is compiled to run on platform dependent machine code.

Many crackers spend much time studying the protection, eventually finding every flaw within the protection code,& then coding their own tools to "unwrap“ protection from executable (.EXE) & (.DLL) library files and number of sites on the Internet that let users download cracks for games & application. cracks are used by legal buyers of software, they can also be used by people who have downloaded or otherwise obtained pirated software

(often through P2Pnetworks).Slide20

There are many password cracking software tools, but the most popular are Cain and Abel, John the Ripper,

Hashcat

, Hydra,

DaveGrohl and ElcomSoft. Many litigation support software packages also include password cracking functionality. Most of these packages employ a mixture of cracking strategies, with brute force and dictionary attacks proving to be the most productive, however more successful software packages are usually private tools and are not published.

Network distributed password cracking: As password cracking is inherently embarrassingly parallel Crack v4.0a introduced the ability to use a network of heterogeneous workstations connected by a shared file system as parts of a distributed password cracking effort.

All that was required for this was to provide Crack with a configuration file containing the machine names, processing power rates and flags required to build Crack on those machines and call it with the -network option.Slide21

password cracking

is the process of recovering passwords from data that have been stored in or transmitted by a computer system

Common approach is to repeatedly try guesses for the password.

Other

common approach is to say that you have "forgotten“ password & so change it .

Password cracking is to help user to recover forgotten password(though installing new password is less of security risk but involve system admin privilege

) to gain

unauthorize

access or as prevention for system administrator to check easily

crackable

password On file-by-file basis, cracking is to gain access , which a judge has allowed access but the particular file's access is restricted.Slide22

Time to crack a password

it

is related to bit strength; which is measure of the password's information. Most of password cracking require the computer to produce many candidate passwords, each of which is checked. Computer tries every possible key or until it succeeds. Such as dictionary attacks, pattern checking, word list substitution etc. attempt to reduce number of trials required. Higher password bit strength increases exponentially .

The ability to crack passwords using computer programs is also a function of the number of possible passwords per second which can be checked. Example: a commercial product test 103,000 WPA PSK passwords per second. Individual desktop computers can test over a 100 million passwords per second using password cracking tools that run on a general purpose CPU & billions of passwords per second . A eight-character password with numbers, mixed case, and symbols, reaches an estimated 30-bit strength. 230 is only one billion permutations and would take an average of 16 minutes to crack. In 2002, distributed.net successfully found a 64-bit RC5 key in four years, in an effort which included over 300,000 different computers at various times, and which generated an average of over 12 billion keys per second. Graphics processors can speed up password cracking by a factor of 50 to 100 over general purpose computers. As of 2011, commercial products are available that claim the ability to test up to 2,800,000,000 passwords a second on a standard desktop computer using a high-end graphics processor. Such a device can crack a 10 letter single-case password in one day. Note that the work can be distributed over many computers for an additional speedup proportional to the number of available computers with comparable GPUs.Slide23

Easy to remember, hard to guess

A password that is easy to remember is generally also easy for an attacker to guess. Passwords which are difficult to remember will reduce the security of a system because (a) users might need to write down or electronically store the password, (b) users will need frequent password resets and (c) users are more likely to re-use the same password. Similarly, the more stringent requirements for password strength, e.g. "have a mix of uppercase and lowercase letters and digits" or "change it monthly", the greater the degree to which users will subvert the system.

On July 16, 1998, CERT reported an incident where an attacker had found 186,126 encrypted passwords. By the time they were discovered, they had already cracked 47,642 passwords. In December 2009, a major password breach of the Rockyou.com website occurred that led to the release of 32 million passwords. The cracker then leaked the full list of the 32 million passwords (with no other identifiable information) to the internet. Passwords were stored in

cleartext in the database and were extracted through a SQL Injection vulnerability. The

Imperva Application Defense Center (ADC) did an analysis on the strength of the passwords.In

June 2011, NATO (North Atlantic Treaty Organization) experienced a security breach that led to the public release of first and last names, usernames, and passwords for more than 11,000 registered users of their e-bookshop. The data were leaked as part of Operation AntiSec, a movement that includes Anonymous,

LulzSec

, as well as other hacking groups and

individuals.On

July 11, 2011, Booz Allen Hamilton, a large American Consulting firm that does a substantial amount of work for the Pentagon, had their servers hacked by Anonymous and leaked the same day. "The leak, dubbed 'Military Meltdown Monday,' includes 90,000 logins of military personnel—including personnel from USCENTCOM, SOCOM, the Marine Corps, various Air Force

facilities,Homeland

Security, State Department staff, and what looks like private sector contractors."These leaked passwords wound up being hashed in Sha1, and were later decrypted and analyzed by the ADC team at

Imperva

, revealing that even military personnel look for shortcuts and ways around the password requirements.

On July 18, 2011, Microsoft Hotmail banned the password: "123456"Slide24

Hackers VS

Crackers

A hacker can write code in one or more languages, such as C, C++, assembly, Java.

As Cracker Most are not really knowledgeable or skilful.

They understand what certain codes do and how it works .As to cover their tracks in order to prevent being caught. They fails some time due to lack of knowledge.

They exploring the details of programmable systems.some do have extensive training, advanced skills, and have in-depth knowledge of network programming. A common method used by crackers for harming networks or stealing important information.They placing a high value on freedom of inquiry , hostility to secrecy but

Crackers use three types of password cracking, which are commonly used; these include Dictionary, Hybrid, and Brute Force.Slide25
Slide26

CONCLUSION

In summary, hacking and cracking can be used both illegally and legally to gain access to a computer network. Other than the ethical difference between the two, the major factor that separates hackers and crackers is an understanding of computer systems and the ability to create software.

“

A hacker, in the classic sense of the term, is someone with a strong interest in how things work, who likes to tinker and create and modify things for the enjoyment of doing so.”Slide27

THE ENDSlide28