Hackers have become an essential part of our security ecosystem.
Jeffrey Massimilla
“Hacking: Easy Hacking for Beginners – How to Hack Computers, Penetration Testing and Cracking Security”
Chapter 1: Hacking – The Fundamentals
In general, the term “hacking” refers to the process of accessing a computer or network
without the user’s approval. The “hacker” (i.e. the person who performs the action) uses
his/her skills and tools to break the target’s defenses. According to computer experts, the
most dangerous aspect of hacking is that it doesn’t end once the unauthorized access has
been established. Most hackers execute an attack to steal information, destroy systems, or
prevent authorized users from logging in. Because of this, hacking is considered as an
illegal activity. Many countries have existing laws that prohibit hacking.
However, it is important to point out that hacking has positive aspects, too. For example,
you can hack a computer or network to test its defenses. This process, which is called
“penetration testing,” allows businesses and organizations to enhance their defenses
against the bad guys. Some organizations are actually willing to hire hackers as part of
their security team. With this approach, organizations increase their chances of detecting,
stopping and preventing hacking attacks.
Two Kinds of Hackers
Computer experts divide hackers into two kinds – black hat and white hat. Let’s discuss
each kind of hacker in detail:
Black Hat – These people hack systems with malicious intentions. They use their
skills to view/steal confidential information or bring the target network down. In
some cases, black hat hackers install keyloggers and other malware into their
victim’s computer to collect sensitive information (e.g. credit card numbers, social
security numbers, etc.). If you’ll ask someone to describe a hacker, he/she will
likely describe a black hat one.
White Hat – A white hat hacker uses his skills and tools to help companies and
organizations. He/she performs harmless attacks to test the target’s defenses and
find potential weaknesses, then he/she will submit the information to the business
owner or network administrator. This way, the authorized people can implement the
necessary changes and strengthen the network’s digital security.
At this point, you should know that there are only two main differences between a black
hat hacker and a white hat hacker. These differences lie on the person’s intentions and
whether he/she has the user’s permission. White hat hackers hack systems to help in
boosting the targets’ defenses, thus, they need to get the permission from the network
owner or administrator before doing any action. Black hat backers, on the other hand, do
their magic “in the shadows.” They hack systems for malicious reasons.
Important Note: Hacking can get you incarcerated. Because of that, this book will focus
on white hat (also known as “ethical”) hacking. This way, you can use your knowledge
and skills without breaking the law.
Chapter 2: Penetration Testing – The Basics
A penetration test is a process where a hacker attempts to gauge the security of a network.
He does this by gathering information about the target and launching hacking attacks.
Obviously, the hacker needs to follow certain procedures and use computer programs to
carry out the test. Abstract knowledge isn’t enough to break a network’s defenses.
To help you become a skilled ethical hacker, this chapter will discuss the exact steps that
you need to take when conducting a penetration test. It will provide detailed instructions,
explanations and examples to help you master the topic. Additionally, it will tell you the
best hackings tools for each procedure. Study this material carefully if you want to
become a successful hacker.
This chapter consists of three parts: (1) reconnaissance, (2) tools and (3) conducting the
penetration test.
Reconnaissance
This is the first part of the hacking process. Here, you will gather information about your
target using different tools and techniques. Elite hackers consider this as the most
important aspect of any penetration test – the information gathered here helps in
identifying the best points of attack and the tools that must be used for the process. You
can significantly increase your chances of success by spending enough time in the
reconnaissance phase. Here are three techniques that you can use:
Social Engineering
Basically, the term “social engineering” refers to the process of establishing a false
relationship with a victim to force him to do things that he wouldn’t do for strangers. For
example, you can use a social engineering attack to get the phone number or credit card
information of your targets. In this part of the book, you will learn about the social
engineering tricks that you can use while hacking networks.
The Missing Drive – This trick is simple and effective. When using this trick, you
just have to pretend that you have found a USB drive in the target’s building. You’ll
just walk up to the front desk and inform the people there about the “missing USB
drive” that you have found. The USB drive involved here may contain a malicious
program (e.g. a keylogger or a remote console application). To enhance the
effectiveness of this trick, you may place the target’s logo on the USB drive or write
some interesting note on it (e.g. Employee Bonus 2016).
Your main goal is to encourage the front desk officers to plug the USB drive into
one of their computers. Once this is done, the program inside the drive will run
automatically and install its contents onto the client. The delivery aspect of this
trick is clear and simple. The most difficult part lies in preparing the USB drive.
The Meeting – This attack aims to install an unauthorized WAP (i.e. wireless access
point) onto the target’s network. When conducting this attack, you need to
communicate with your target personally. Here, you need to set a meeting with your
target (i.e. preferably a manager) with the pretext that you are considering a huge
business transaction with the company. Make sure to set the meeting a few minutes
after lunch and arrive about 45 minutes before the schedule.
Talk to the receptionist about your meeting and claim that you came early because
you did something in a place nearby. Then, have an accomplice call you on the
phone. Once the call comes in, ask the receptionist about a place where you can
take the call privately. There’s a great chance that she will offer you a conference
room. Get inside the room and install your WAP onto a wall jack. Make sure that
the WAP is hidden. Lastly, connect the access point to the network using a cable.
Physical Penetration
According to expert hackers, the best way to collect information during a penetration test
is by accessing the target physically. This approach allows you to gather tons of data and
connect these to the target’s digital infrastructure without worrying about border security.
Obviously, attacking a target becomes easy and simple if you can get inside it. Even the
great city of Troy fell when a wooden horse got inside its territory.
In this part of the book, you’ll learn about several techniques that you can use to get inside
your target. Keep in mind that these techniques help you in accessing the target, not
attacking it. You’ll discover the actual attacks in the next section.
The Smoker’s Entrance – Employees are usually not permitted to smoke inside the
company’s building. Because of this, most companies place their smoke areas close
to a secondary entrance. Often, this kind of door doesn’t have any security
mechanism.
Hackers get inside the target building using three things – a lighter, a cigarette pack
and a homemade ID badge. It would be best if you’ll spend some time monitoring
and watching the employees as they enter and exit the building. This approach helps
you in mimicking the behaviors of the company’s employees. Make sure that your
appearance suggests that you have spent several hours doing your tasks and exited
the building just a few minutes ago. Never do this trick if you look like you just got
out of the bathroom.
Checkpoints – Some companies have checkpoints that are manned by an employee
(e.g. reception area, guard desk, etc.). Often, visitors should get an appropriate
badge before entering the building. When it comes to high-rise or multi-floor
buildings, the desk is often located between the entrance and the elevators. In high
security buildings, however, employees and visitors need to pass through a mantrap
or a turnstile. These setups sound intimidating. However, you can get past these
defensive structures easily if you will use logic and creativity.
◦ Multi-tenant Buildings – The strategy that you will use in this kind of setup
is straightforward. You’ll just go to the guard’s desk or receptionist, present an
ID and state the reason for your visit. The person in charge will talk to the
person or company you wish to visit, confirm your appointment and tell you
where to go. Usually, you will receive a visitor badge with your name and photo
in it.
The badge that you received will allow you to get inside the building. If the
place you are attempting to break in does not have an ID system or any turnstile,
you can get inside the elevators easily. You can maximize the benefits offered by
a visitor badge by going straight to the bag checker/s. These people will see your
badge and think that you’ve been checked by the guard at the building’s
entrance. The guard at the entrance, on the other hand, will likely assume that
his colleagues in the upper floors will facilitate the bag check.
◦ Single-Tenant Structures – If a company owns the building it is in, it usually
implements its own security procedures. That means the strategy that you will
use is different from the one outlined above. Although you can check the type of
badge system used, you only have one chance to get into the building. You may
get past the target’s defenses by setting up an appointment. However, the
security personnel will likely walk you to the checkpoint or lobby and get the
visitor badge as soon as the meeting is done.
According to elite hackers, the best way to get inside the building is to work as a
group. This approach allows you to get past the checkpoint while your
accomplices distract the guards.
Insider Attacks
The techniques discussed above can help you in gathering information about your target
and getting access to it. In this part of the book, you’ll learn about the attacks that you can
use to exploit your target.
The Preparations – The attacks that you will execute depend on the target you’re
trying to hack. In general, you should work using the computers provided by the
target and start with little information about the security mechanisms implemented
in it. Assume that you cannot download anything from the internet, thus, you should
bring all of your tools with you even before entering the target’s premises. Store
your tools in a CD or thumb drive so you can hide and carry them easily.
Because the built-in equipment of your target may be centrally controlled, partially
locked or completely hardened, you need to bring bootable media that can provide
high-level access to the network and local computer. Also, you should have a hard
disk with a pre-installed OS (i.e. operating system). This tool becomes extremely
useful when you are working on a computer with full drive encryption and
inaccessible CMOS.
The Initial Phase – While doing a penetration test, you will surely encounter a
Windows machine: a laptop or personal computer that runs on a Windows operating
system. This kind of machine is usually connected to a LAN (i.e. local area
network) and uses the domain login of Microsoft Windows. Log in to the computer
and check the system. Use the “file explorer” feature of the machine to navigate the
network. You may find some drives and domains you already have access to.
The main objective of an insider attack is to collect information about the target,
thus, you have to search for files and servers with interesting names (e.g. HR,
Payroll, Engineering, etc.). After discovering the limits of your access and the
important parts of the network, you can elevate your user privileges.
Getting Admin Privileges – Each computer has several pre-installed accounts, some
of which have high-level privileges. Often, the account with the highest access
privileges is called “Administrator.” However, most network admins rename the
account to protect it from hackers. If you encounter this kind of defensive strategy,
look for the user group called “Administrators.” This group houses almost all of the
admin accounts in a computer, regardless of their name. You can check the
members of this group by accessing your command prompt and running the
following command: net localgroup Administrators
The simplest way to access the admin account is to give it a new password.
Resetting the password while the system is running requires you to enter the current
password of the account. All Windows machines protect user passwords so that
none of the users can view it while the OS is active. There are programs that can
help you in accessing the password file, but they may trigger an alert if your target
has a network-wide antivirus system.
To reset the admin account’s password, bring a removable storage that contains an
OS. Plug the removable drive into the computer and reboot it. This time, make sure
that the computer runs the OS inside the new drive. Since you are no longer using
the computer’s OS, you can access the password file (also known as “SAM”).
Usually, you’ll find the computer’s SAM file in this directory:
Windows/system32/config.
Hacker World 