Hacking:

Tips for Hackers

Penetration Test and Basic Security
 Introduction

Hackers are people with technical skills that can thwart the security of any
network or computer. This circumvention usually involves unauthorized
entry in a computer system. These intruders are known as Black hat
hackers. However, sometimes such circumvention happens when a security
expert tries tounearththe vulnerabilities and bugs of a system (such hackers
are called white hat hackers or ethical hackers).Black hack hackers mostly
attack a system for monetary gain or with other malicious intentions.
Ethical hackers on the other hand use their knowledge and skills to
safeguard a system or a network against black hat hackers.

This book describes the basicintroductory hackingalso touches upon thetips

for hackers, penetration testing and basic security.This book, which is
meant for beginners who are interested in ethical hacking, does not contain
any high level coding and is written using simple language.

I want to thank you for choosing this book and hope you find it informative.
Have a good read!
Chapter 1: Penetration Testing

Nothing in this world is perfect and it is the same with electronic devices
and the software running in them. In spite of the best efforts of the
developers, the security vulnerabilities still continue to exist. A vulnerability
is nothing but an unintended security flaw. Attackers use these
vulnerabilities as loopholes or backdoors for exploiting the system or a
network. So, what can you do to prevent such an attack? Well, the answer is
Penetration Testing. Penetration testing is the attack done on the system by
security experts with an intention of enhancing its security. If these
vulnerabilities are not taken care of, attackers can make use of them for
stealing your data or to destroy the reputation of your organization.

Penetration tests are typically performed using manual or automated

technologies to systematically compromise servers, endpoints, web
applications, wireless networks, network devices, mobile devices and other
potential points of exposure. Once vulnerabilities have been successfully
exploited on a particular system, testers may attempt to use the
compromised system to launch subsequent exploits at other internal
resources, specifically by trying to incrementally achieve higher levels of
security clearance and deeper access to electronic assets and information
via privilege escalation.

Information about any security vulnerabilities successfully exploited

through penetration testing is typically aggregated and presented to IT and
network systems managers to help those professionals make strategic
conclusions and prioritize related remediation efforts.The fundamental
purpose of penetration testing is to measure the feasibility of systems or
end-user compromise and evaluate any related consequences such incidents
may have on the involved resources or operations.

Why Perform Penetration Testing?

Security interruptions and security breaches can cost you a lot of money.
The breaches in security or any performance related interruptions of the
applications or services can result in financial losses, significant penalties
and fines, attracting negative press, erode customer loyalties and threaten
reputation of the organization. The ponemon Institute conducted a recent
study and reported that an affected company loses $3.5 million due to data
breach. In the year 2013, the losses for target Data breach were estimated
to be $148 million by the first half of 2014.

You cannot safeguard your information at all times and it is not possible too.
For preventing breaches, organizations are traditionally installing and
maintaining several defensive security mechanism layers, firewalls, IDS, IPS
and cryptography. Due to the adoption of new technologies, it has become
hard to include these security systems for finding and eliminating the
vulnerabilities of an organization, for protecting them against potential
security incidents

Penetration Testing Identifies Security Risks and Prioritizes Them

The ability of an organization to protect its applications, endpoints,
networks and uses from internal or external attacks that circumvent the
security controls to gain privileged or unauthorized access to their
protected assets can be evaluated by penetration testing. All the possible
risks posed by flawed processes or security vulnerabilities will let the
security professionals or IT management to prioritize the efforts for
remediation. With a comprehensive and more frequent penetration testing,
emerging security risks can be anticipated by the organizations and
unauthorized access to valuable information and critical systems can be
prevented.

How Often To Perform Penetration Testing?

Performing penetration testing on regular basis will ensure more consistent
network and IT Security management as emerging vulnerabilities or newly
discovered threats can be revealed. Apart from the regular testing
schedules, you should also perform penetration testing under the following
circumstances.

 Whenever new applications or network infrastructure are added

 After modifying the end user policies
 After installing security patches
 Whenever the office is moved to a new location
 Whenever modifications or upgrades are made to the applications or
infrastructure.

How Can You Benefit from Penetration Testing?

There are many benefits with the penetration testing. Penetration testing
allows you to:
 Manage Vulnerabilities Intelligently
 Detail information on the exploitable and actual security threats can
be obtained by penetration testing. With penetration testing the less
significant, most critical and false-positive vulnerabilities can be
proactively identified. With this information, you can prioritize
remediation intelligently, efficiently allocated security resources and
apply the necessary security patches for ensuring their availability
when they are needed the most.
 Avoid the cost of network downtime
 When an organization recovers from a security breach, it can lose
quite a sum of money related to reduced revenue, lowered employee
productivity, legal activities, customer protection and retention
programs, IT remediation efforts and discouraged business partners.
With penetration testing, these financial pitfalls can be avoided by
identifying and resolving the risks, even before the security breaches
or attacks happen.
 Preserve corporate image and customer loyalty
 Even with a single incident where your customer data is
compromised, the organization's image and sales will be both affected
negatively. It is extremely hard to earn the loyalty of customers with
the customer retention costs of these days. With data breaches, the
loyalty of your new customers might be at stake. With penetration
testing, you can avoid these data incidents which damage the
trustworthiness and reputation of your organization.

Types of Penetration Tests

Penetration testing can be performed on networks, systems, applications
and devices. Here are a few types of penetration testing.

Network services test: Out of all the types in penetration testing, the
network services test is the most common one. In this type of testing, a
target system on the network will be look for openings in its network
services and operating systems. These openings will be then remotely
exploited. Some network services testing will be done remotely on the
Internet by targeting the perimeter networks of the organization. Other
attacks will be launched at locally from their own facilities. This is done
with the main intention of assessing the DMZ or Internet work from within.
With this, they will know the kinds of vulnerabilities that and user from the
inside could learn.

Client side test: This type of penetration testing is done with the intention
of finding and exploiting the client side software vulnerabilities. Document
editing programs, media players, web browsers, etc., all come under the
client side software.

Web application test: This type of penetration testing is performed for

uncovering the vulnerabilities present in the web based programs and
applications that are deployed on the target.

Remote dial-up war dial: This type of penetration testing will be

performed on modems present in the target environment. Usually, they
involve brute forcing or password guessing for logging in into the systems
that areconnected to thefound modems.

Social engineering test: In this type of testing, an attempt will be made

on the targeted user to reveal his sensitive information like passwords.
Usually, social engineering tests are done over a telephone call, targeting
users or employees, help desks, procedures, evaluating processes and user
awareness.

Wireless security test: In this type of penetration testing, the physical

environment of the target will be discovered with an intention of finding
wireless access points which have security weaknesses or access points that
are unauthorized.

Every day, new vulnerabilities are being discovered and the attacks are
evolving constantly in terms of their social and technical sophistication.
There is evolution in their overall automation as well.
Chapter 2.Basic Security
With people like hackers, scammers and identity thieves on the Internet,
your personal information and money online are not safe. Here are a few
steps which can help you to protect yourself from such people. Some of
them include updating your computer software, revealing your personal
information only when required, using an antivirus etc. You should also
know that the antivirus programs cannot completely protect you. Antivirus
is like Microsoft Security essentials are not perfect. You will be risking your
data if you completely rely on the antivirus software for protection. Here
are some common sense security practices which will keep you safe from
attackers.

Use Antivirus

Using an antivirus is a wise thing to do. You may possibly be infected by the
browser plug-ins zero day vulnerability from Adobe Flash or even from your
browser. There are chances of you getting infected even after updating your
browser with the latest one. By visiting a web page, you can be infected by
the latest vulnerabilities that are not yet patched. It is not very common but
it is possible. An antivirus software acts as an important protective layer
and can handle such vulnerabilities.

Whenever you set up a new PC or when you install new software, the user
account control will ask you for your permission. This happens whenever
you try to install the new software. With the User Account Control, you can
block malware from modifying your system files without permissions. It is
similar to an antivirus and acts as an important protective layer too.

Choosing the right anti-virus for your system

By selecting and installing a good antivirus you make your system perform
at its peak. When there are unwanted infections and spyware present on
your computer, its performance will be decreased. You can take care of
them by installing an antivirus.

You should be very careful when selecting an antivirus for your computer.
You should choose the correct antivirus depending on the type of work you
do. If you are using your computer at home, you can just get the basic
version of the antivirus. If you're working on the Internet, making online
transactions or when you are sending sensitive files over the Internet, you
can go with the Internet security version. If you wish to get the highest
protection from an antivirus, you can purchase the total security version. As
we have already discussed, they cannot completely remove the viruses from
your system. But they are very efficient in bringing the number down. You
don't have to buy the licensed antivirus software for trying it. Every
antivirus distributor provides users with a trial version of their product. You
can try this trial version to check if it meets your requirements. If it doesn't,
you can go with other options. You can buy an antivirus if you're completely
satisfied with its performance after checking it. There are many sites online
which review different ant viruses. You can refer to those websites for
choosing the right antivirus. They will be subjected to several performance
tests and they will be rated accordingly.

Leave the Firewall Enabled and Configure It Correctly

The Microsoft Windows operating system comes with its own firewall and
you don't have to use a third-party distributed firewall. It is advised that you
leave your firewall enabled at all times. Unsolicited incoming connections
will be blocked by your firewall and with that you can protect applications
on your computer that exploit the unhandled vulnerabilities listening to that
network. During the initial launch of Windows XP, worms like Blaster have
spread quickly because of its weak firewall. The firewall of the latest
operating systems is strong and capable of protecting your system from
such malware.

Configuring your firewall correctly is a must. When connecting to a new

network, Windows will display a pop-up asking you to select the connection
type from any of the Home, Work or Public networks. Here, you should
choose an appropriate answer. If you select Home when connected to the
network at a coffee shop, the windows may make its filesavailable to other
users connected to thesame network. You can prevent other users from
accessing the shared files on your computer by selecting the Public option.

Uninstall Java
Most of the web users run an insecure and outdated version of Java and
simply visiting such web pages will infect you. There are many security
vulnerabilities in Java. On the web, Java applets are rare and for a few
people need Java pre installed.

Uninstall Java from your Control Panel if you have installed it. Browser will
prompt you to install Java if it actually needs it for something. For doing
something online like playing Minecraft, Java should be installed and Java
plug-in for the browser can be disabled after that.

Always Keep Your Software up-to-date

There are many security issues riddled in the software that we use daily.
These security issues are frequently being discovered, whether we are
talking about Microsoft office, Adobe's PDF reader, Adobe Flash plug-in,
Google Chrome, Mozilla Firefox, Internet Explorer - the list will never end.

Whenever a new security issue is identified, the software companies release

security patches for their software regularly. Many attackers use the
information from the latest patch release notes and plan their attacks
accordingly on machines that are unpatched. It is very important to update
your software as soon as the update is released. If you are using the
Microsoft Windows operating system, you can turn on automatic updates or
you can set it to notify you whenever a new update is available, so that you
can update it manually. If you have an unlimited Internet plan, it is advised
that you set it to update automatically. Another significant security issue
nowadays is the browser plug-ins. Always make sure that your browser
plugins are up-to-date. You can check them by visiting the browser's
website.

Be Careful About Programs You Download and Run

Most of the windows users get infected with malware by installing the
accidentally downloaded software. Be very cautious of the software that you
download and install. Downloading or installing software from
untrustworthy distributors is not safe. It is always safe to download the
software from the official website. For instance, if you wish to download
VLC media player, get it from the official website rather than clicking on
banners showing “Download VLC” link from unofficial websites. Most of the
software from unofficial distributors comes with adware and in the worst
case, with malware.

Also be wary of software coming as email attachments. It is not safe to

execute email attachments from untrustworthy senders. When you are
downloading software, check and avoid advertisement banners that disguise
as download links. These links redirect you to websites infected with
possible malware.

Avoid Using Cracked or Pirated Software

You are basically taking a big risk when you are downloading cracked or
pirated software from peers or shady websites. By downloading and running
and executable file from such websites, you are putting your trust in the
software distributed to not doing anything malicious or harmful to you.
Software cracking groups make cracks for the software for them to work
properly. They might have included a malicious software in it and you might
not know about it.

From the security point of view, using cracked or pirated software is not a
good idea. Many people use peer to peer networks for downloading files and
become infected. A bigger risk than downloading pirated videos or music is
to download unauthorized software. Always remember that software is just
a machine code and it can be tampered. A video is nothing but a media file
that can play or not. Many untrustworthy individuals disguise malware as
videos and many less experienced users fall victim of it thinking that they
have downloaded a video.

Beware of Phishing and Social Engineering

Email clients and web browsers provide some level of security against
phishing attacks, but they cannot protect you completely. A phishing attack
can be something similar to a person calling you, claiming that they are
your bank, and asking for your banking details. No bank calls their account
holders and asks this information, just as the bank would never send you an
email and request you to reveal your account information in an email.

Be cautious when you are disclosing your personal information on the web.
Before disclosing your password, make sure that the website or the
individuals are legitimate ones. If you wish to access your online bank
account, go directly to the bank's website and avoid clicking on links from
different websites or emails that claim to be genuine. They might redirect
you to imposter sites.

Don’t Reuse Passwords

Reusing the same password for different websites can be a problem. If you
are using the same password for all of your online accounts, a leak at any of
those accounts means that your login ID, mail ID and password are known.
The attacker could use your email address or username with the password
he obtained for logging into your accounts on other websites and he will be
successful. The attackers can even make use of the password and email
confirmation for accessing your email account and you will definitely be in
trouble if the password for both of those accounts is the same.

Nowadays, password leaks have become more frequent. By using different

passwords for different accounts you can stay safe even if any of your
accounts gets hacked. It will be difficult to remember all of your passwords
if you have multiple accounts. In such cases, you can use a password
manager. Password managers provide strong passwords to the user.

Use Secure Passwords

You can use password managers for securing your passwords, which ideally
contain combinations of numbers, symbols and letters and which are
reasonably strong. Many users use surprisingly simple passwords like
"letmein", "qwerty", "12345" and "password" for logging into their accounts
in different websites. It is pretty obvious that these passwords are not
secure.
Chapter 3.Tips for Ethical Hacking
Before going any further, you should have an idea on what ethical hacking
exactly is. In the area of computer science and network security, hacker is
the term used for a person who exploits a system by taking advantage of the
vulnerabilities in it. In other words, he is a person with a very good
technical knowledge on computers. This term is a widely misunderstood
one. Because of the media, most of the common people think that hacking is
something which is completely illegal and hackers are criminals. In reality,
it is a person who works for enhancing the security of a system. These
people are called ethical hackers. In fact, the people who hack a computer
with illegal intentions are called crackers.

Here are some tips which will help you become a good ethical hacker.

 If you wish to become a successful ethical hacker, you should possess

good knowledge on the working mechanisms of operating systems.
Each operating system has its own design and you should be able to
deal with them. If you are just sticking to a single operating system,
you are basically decreasing your chances of becoming a successful
ethical hacker as you have narrowed down the possibilities. By
learning how different operating systems work, you are basically
learning about their security vulnerabilities. Always note that the
security issues of different operating systems are different.The impact
of your methodology, feasibility and exploit can directly be linked with
an OS. You should know your way around different operating systems.
Learning the Linux operating system is recommended. You should
have a good grip on the commands and directories of an operating
system. You should efficiently cover your trails and should be good at
editing data. You are basically reducing your chances of being caught
if you know where the system files and system logs are present. By
learning and knowing the directory layouts and commands of an
operating system, you can save a lot of time.

 You should also possess some decent knowledge on the areas related.
Your skills at hacking should be superior to those of a script kiddie.
You should know how to use the code of scripting languages and
programming languages like Python, Ruby, C, Perl etc,. It will be an
added advantage if you are strong with security and network analysis.
 Rather than depending on the code written by others, it is better to
use your own code depending on the requirements.

 If you are strong with your network , you should see that you possess
the required knowledge before you attack a network. You should
always have beforehand knowledge on your network before attacking
it. By knowing the layout of the network, you can plan your attack
with an appropriate strategy.

 Writing down your steps and plans is a really good practice and it
proved to be extremely helpful. You can keep your steps clean and
organized by having a plan beforehand. By planning, you can keep a
track of the things completed and the things yet to be done. You can
constantly check your progress and can take the necessary steps. By
having a plan, you can avoid the repetition of steps and this will save
you a great deal of time. You will be creating obvious and unnecessary
traffic when you repeat the steps that you have already performed and
it is a risk. Generating unnecessary traffic might get you exposed.

 You should know how your tools work. You should know the working
of each and every tool that you use. By possessing the required
knowledge on the tools’ functionalities, you will be able to choose the
right tool for the job. Some tools might take a lot of time for
completing the task and some tools might be an overkill. So, choosing
the right tool for the job is an important characteristic of an ethical
hacker. You can't use a crowbar for drilling a small hole in the wall
and similarly you can't use a hand drill for digging a pit. You should
use the right tool for the job. For instance, using the wrong Nmap
might result in you getting caught. Keep in mind that the hacking
tools are unpredictable. It is strongly recommended that you learn the
working of every tool before using it in an attack.

 You should always have an alternate approach readily available in

situations where your primary approach doesn't work. Having a
different thinking is something which differentiates a good ethical
hacker from mediocre hackers. Having a different approach for your
plan will be a good as it cannot be expected easily. With such plans,
you can hide easily. It is not a compulsion for you to have your unique
own ways but having them will give you an upper hand for sure. It is
wise to keep more than one method for exploitation. Even if they
 suspect exploitation, it will be hard for them to trace it back to you if
you are using your own methods.

 Documenting everything you do is a very good practice. You will

probably be working for an organization or the company that hires
you for your services. And they probably would want to take a look at
your work. After your work you should submit them with A complete
and detailed documentation of your work, as they are the ones paying
you. You can write down notes or take screenshots of your work after
every activity. Both are really good practices. This way, if you face a
similar problem in the future, this will act as a reference or it can be
shown to other people as an example. There are softwares which save
your work frequently and constantly after equal intervals of time. You
can make use of such software for documenting your work.

 You should be good at it talking with managers, project managers and

developers of the organization or company that hired you. The
company CEO might not understand the work you did for them. It is
advised that you deal with such matters with people like project
managers, managers or developers. They can look into your work and
they can explain it to their CEO. If you wish to grow as a successful
ethical hacker, you should have good communication skills and
without them your findings may become less valuable.

 Get involved in the hacking communities. Your involvement in such

communities will definitely help you with your aim to become a good
ethical hacker. It is not always possible to keep the track of all the
latest issues of the security industry. You can take the help of hacking
communities in such cases. Hackers in the hacking community post
the latest security issues. You can spend some time on the community
with other members and, with this you can keep yourself updated and
can also learn new things regularly. Members will post about your
tools, methods and vulnerabilities. This information can be used for
your own methods. There are many hacking communities online and
you can choose and join after selecting a few. Some hacking
communities are closed communities and they require a level of skill
set for gaining a membership and most of them are open. All you need
to do is to choose the one which suits you perfectly. You can even join
in two or more communities. But it is recommended that you limit
your membership to 3 communities at max. Many people in these
 communities come forward to teach the tricks and techniques they
have learnt to beginners. You might find someone with good
knowledge to teach you. You can take part in the debates and
conversations and they will help you in increasing your knowledge
drastically. You can exchange ideas and knowledge. Always remember
not to completely reveal your techniques; after all you don't want
other people stealing your job. If you find anything interesting or
worthy, share it with other community members and let them know.
This way, you can make new friends and at the same time you are
sharing knowledge.

 You should be good at finding in fixing the bugs in the software. It is a

must for a professional ethical hacker. Apart from attackers, bugs are
also an issue in the cyber security world. Bugs are also considered as
the vulnerabilities and as an ethical hacker, it is your duty to search,
find and fix them. You should be able to give a valid demonstration on
why the bug is a security issue and if questioned, you should be in a
position to give the detailed explanation on the security risks it
possesses. Anyone with a computer can find the cross site scripting
issues but you need to be good to exploit it as it requires some prior
skills.

 Making your own tools and using them is a really good way to become
successful ethical hacker. It is better than using the tools of others.
You might not be perfect in the beginning but, with practice, you will
definitely get a lot better. You cannot always find right tools for the
job. In such situations, you should be capable of designing the tools on
your own. For this, you don't have to start from scratch. There are
many open source tools readily available online and you can use them
to make your own custom tools.
Conclusion

With this, we have come to the end of the book and I hope you have enjoyed
learning the basic concepts of penetration testing, ethical hacking and basic
security. This book isonly intended for amateurs who are interested in
ethical hacking and it is important that you remember black hat hacking is
illegal and punishable by law. Hope this knowledge helps you gain a basic
understanding of what ethical hacking is all about.

I thank you for downloading this book and hope you have found the content
informative and easy to read.