





































































Estude fácil! Tem muito documento disponível na Docsity
Ganhe pontos ajudando outros esrudantes ou compre um plano Premium
Prepare-se para as provas
Estude fácil! Tem muito documento disponível na Docsity
Prepare-se para as provas com trabalhos de outros alunos como você, aqui na Docsity
Encontra documentos específicos para os exames da tua universidade
Prepare-se com as videoaulas e exercícios resolvidos criados a partir da grade da sua Universidade
Responda perguntas de provas passadas e avalie sua preparação.
Ganhe pontos para baixar
Ganhe pontos ajudando outros esrudantes ou compre um plano Premium
Entenda basicamente o que fazer em certas situações.
Tipologia: Manuais, Projetos, Pesquisas
1 / 77
Esta página não é visível na pré-visualização
Não perca as partes importantes!






































































Information and
Instructional Guide
HACKING SECRETS REVEALED
DISCLAIMER
The authors of this manual will like to express our concerns about the misuse of the information contained in this manual. By purchasing this manual you agree to the following stipulations. Any actions and or activities related to the material contained within this manual is solely your responsibility.
The misuse of the information in this manual can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this manual to break the law.
(Note This manual was created for Information purposes only.)
Introduction
HE internet is ever growing and you and I are truly pebbles in a vast ocean of information. They say what you don’t know can’t hurt you. When it comes to the Internet believe quite the opposite. On the Internet there a millions and millions of computer users logging on and off on a daily basis. Information is transferred from one point to another in a heartbeat. Amongst those millions upon millions of users, there’s you.
As humble a user you may be of the Internet, you are pitted against the sharks of the information super highway daily. Problem with that is the stealth by which it happens. Currently about 30-40% of all users are aware of the happenings on their computer. The others simply either don’t care or don’t have the proper “know how” to recognize if their system is under attack and or being used.
You bought this manual because you are concerned about your privacy on the Internet. As well you should be. On the Internet nothing is quite what it appears to be. The uninformed will get hurt in many ways.
T
By no means am I going to make a ludicrous claim that this manual will protect you from everything. What I will say is that by reading this manual hopefully you will be in a better situation to protect yourself from having your information compromised.
Did you know it doesn’t matter if you’re connected to the net 24hrs a day or 15 min’s a day your system is vulnerable. Not only is it vulnerable in that 15 min’s you can possibly loose all your data get locked out of your own system and have all your confidential information like your “Bank Account Numbers”, “Your Budget”, “Your personal home address” compromised.
Don’t give me wrong, I’m not trying to throw you into a state of paranoia either. What I am saying is that if you’re not careful you leave yourself open to a wide range of attacks.
Perhaps you’re skeptical and saying to yourself “Oh I don’t do anything on the net except check my E-mail etc that sort of thing can’t happen to me.”
Okay I like a challenge let’s do a test!
System intrusion in 15 seconds, that’s right it can be done. If you possess certain security flaws your system can be broken into in less that 15 seconds.
To begin this chapter I’d like you to do the following. Connect to the Internet using your dial up account if you are on dial up. If you are on dedicated service like High Speed connections (ie, Cable and DSL) then just proceed with the steps below.
Once you have the IP address write it down, then close that window by clicking (OK) and do the following.
At this point you should see a screen that looks like this.
Type the following at the Dos Prompt
For example: nbtstat –A 207.175.1.
(Please note that you must type the A in capitol letters.)
This will give you a read out that looks like this
NetBIOS Remote Machine Name Table
Name Type Status
J-1 <00> UNIQUE Registered
WORK <00> GROUP Registered
J-1 <03> UNIQUE Registered
J-1 <20> UNIQUE Registered
WORK <1E> GROUP Registered
WORK <1D> UNIQUE Registered
MSBROWSE.<01>GROUP Registered
(Again info has been omitted due to privacy reasons)
The numbers in the <> are hex code values. What we are interested in is the “Hex Code” number of <20>. If you do not see a hex code of <20> in the list that’s a good thing. If you do have a hex code <20> then you may have cause for concern. Now you’re probably confused about this so I’ll explain.
A hex code of <20> means you have file and printer sharing turned on. This is how a “hacker” would check to see if you have “file and printer sharing” turned on. If he/she becomes aware of the fact that you do have “file and printer sharing” turned on then they would proceed to attempt to gain access to your system.
(Note: To exit out of the DOS prompt Window, Type Exit and hit Enter)
Not a lot of time to gain access to your machine is it? How many of you had “File and Printer Sharing” turned on?
Ladies and Gentlemen: This is called a Netbios attack. If you are running a home network then the chances are you have file and printer sharing turned on. This may not be the case for all of you but I’m sure there is quite a number of you who probably do. If you are sharing resources please password protect the directories.
Any shared directory you have on your system within your network will have a hand holding the folder. Which looks like this.
You can check to find which folders are shared through Windows Explorer.
At this point you will see a listing of all the different programs on your system
Find Windows Explorer and look for any folders that look like the above picture.
Once you have found those folders password protect them. Don’t worry I’ll show you how to accomplish this in Chapter 8 in a visual step by step instruction format.
Netbios is one of the older forms of system attacks that occur. It is usually overlooked because most systems are protected against it. Recently there has been an increase of Netbios Attacks.
Further on in this manual we shall cover some prevention methods. For now I wish only to show you the potential security flaws.
Some common features with Trojans are as follows:
Let’s take a closer look at a couple of more popular Trojans:
The Netbus Trojan has two parts to it as almost all Trojans do. There is a Client and a Server. The server is the file that would have to get installed on your system in order to have your system compromised. Here’s how the hack would go.
The Hack
Objective: Getting the potential victim to install the server onto his/her system.
Method 1
Send the server file (for explanation purposes we’ll call the file netbusserver.exe) to you via E-Mail. This was how it was originally done.
The hacker would claim the file to be a game of some sort. When you then double click on the file, the result is nothing. You don’t see anything. (Very Suspicious)
Note: (How many times have you double clicked on a file someone has sent you and it apparently did nothing)
At this point what has happened is the server has now been installed on your system. All the “hacker” has to do is use the Netbus Client to connect to your system and everything you have on your system is now accessible to this “hacker.”
The joiner utility will combine the two files together and output 1 executable file called:
This file can then be renamed back to chess.exe. It’s not exactly the same Chess Game. It’s like the Tomato Juice, it’s just slightly different.
The difference in these files will be noticed in their size.
The original file: chess.exe size: 50,000 bytes
The new file (with Trojan): chess.exe size: 65,000 bytes
(Note: These numbers and figures are just for explanation purposes only)
The process of joining the two files, takes about 10 seconds to get done. Now the “hacker” has a new chess file to send out with the Trojan in it.
Q. What happens when you click on the new chess.exe file?
Answer: The chess program starts like normal. No more suspicion because the file did something. The only difference is while the chess program starts the Trojan also gets installed on your system.
Now you receive an email with the attachment except in the format of chess.exe.
The unsuspecting will execute the file and see a chess game. Meanwhile in the background the “Trojan” gets silently installed on your computer.
If that’s not scary enough, after the Trojan installs itself on your computer, it will then send a message from your computer to the hacker telling him the following information.
Username: (A name they call you)
IP Address: (Your IP address)
Online: (Your victim is online)
So it doesn’t matter if you are on dial up. The potential hacker will automatically be notified when you log on to your computer.
You’re probably asking yourself “how likely is it that this has happened to me?” Well think about this. Take into consideration the second chapter of this manual. Used in conjunction with the above mentioned methods can make for a deadly combination.
These methods are just but a few ways that “hackers” can gain access to your machine.
Listed below are some other ways they can get the infected file to you.
News Groups:
By posting articles in newsgroups with file attachments like (mypic.exe) in adult newsgroups are almost guaranteed to have someone fall victim.
Don’t be fooled though, as these folks will post these files to any newsgroups.
Grapevine:
Unfortunately there is no way to control this effect. You receive the file from a friend who received it from a friend etc. etc.