Category: Hacking

Posted on by

Beginners guide to Hacking

Hello, aspiring ethical hackers. In this blogpost, you will learn about the foundation concept of this blog and magazine, Hacking. Yes, in this blogpost, you will learn everything about hacking.

What is hacking?

Hacking is a term that is mostly used in the realm of cybersecurity nowadays. Hacking is the art of gaining access to a device or a network or a resource through other means than the usual means of access. This unauthorized way of gaining access is mostly considered illegal.

History of hacking

Nowadays, you can see the term “Hacking” being thrown around in the content of cyber security but the beginning of hacking had nothing to do with computers at all.

Yes, you read that right. Hacking, usually began as phreaking. Phreaking is the illegal practice of hacking into telephone systems to make free calls way back in 1970’s. A person who did phone phreaking was called a Phone phreak. Although, there were many phone phreaks at that time, the most famous (or infamous) among them would be John Draper, popularly known as “Captain Crunch”. John Draper used a toy whistle to mimic & manipulate tones of telephone systems to fool them to make free long-distance calls. The toy whistle he used was found in a box of “Captain Crunch” cereal and hence his other name.

The term ‘hacking’ was used as early as 1950’s and it was used to define any person that explored the limits of a computer system. But computer hacking started spreading its wings after the personal PC era began in 1980’s.

The most notorious hacker at that time was Kevin Mitnick who performed many hacking attacks on some of the world’s largest companies at that time. As internet evolved in 1990s and 2000s, you know what hackers can do now.

Terminology of hacking

To understand hacking, you need to have a basic understanding of some of the terms related to hacking. They are,

Hacking 1 2

1. Asset:

In an organization, anything of value is considered as an asset. For example, employee records of the organization, employee credentials, records of its customers, the servers, computers etc are considered of value to the organization.

2. Threat:

Any action or event that can disrupt the organization’s activities can be termed as threat. For example, these actions can be deleting the user accounts of employees of the organization, making their services unavailable to their customers etc.

3. Vulnerability:

A vulnerability is a weakness in the system application or network of the organization.

4. Exploit:

The programing code written to take advantage of this vulnerability is known as exploit. (A zero-day vulnerability is a vulnerability which doesn’t have any patch yet).

5. Patch:

Code written to mitigate the vulnerability in the system, application or network is known as a patch. (You should have heard of Exploit Database. As the name of the website implies, it hosts all the exploits or POC’s. A proof of Concept is the exploit code written to demonstrate the vulnerability.

6. Payload:

In hacking, exploit takes advantage of the vulnerabilities. After exploiting the vulnerability, hackers usually run specific code. This code is known as payload. For example, ms_08_067 is a vulnerability which is exploited by the exploit module of same name, while meterpreter is the payload. Learn more about the payloads here.

7. Impact:

The damage done to the asset due to exploitation of vulnerability is known as impact.

    Types of hackers

    You have learnt that a person performing hacking is known as a hacker. Based on the type of hacking they perform; hackers can be classified into different types. They are,

    Hacking 2

    1. Black Hat Hacker:

    A Black Hat Hacker is a hacker who performs all illegal hacking attacks. These are the villains in the domain of hacking.

    2. White Hat Hacker:

    If there are bad guys of hacking, there are bound to be good guys of hacking. White Hat hackers are the good guys of hacking. They protect the organizations from the Black Hat Hackers.

    3. Grey Hat Hacker:

    Like the Grey zone, these hackers are in the group of ambiguous zone, who cannot be necessarily called Black Hat or White Hat hackers. For example, a person working as a White Hat Hacker in day and taking Black Hat assignments at night.

    4. Green Hat Hacker:

    Green Hat Hackers are those hackers who have no knowledge but are “experts” at using readymade tools and exploits made by Elite Hackers.

    5. Red Hat Hacker:

    Red Hat Hackers are White Hat Hackers that try to take down or prevents Black Hat Hackers. They sometimes use aggressive tactics to achieve their goal.

    6. Blue Hat Hacker:

    Blue Hat Hackers (also known as Blue Teams) are hired to test the organization for any vulnerabilities or weaknesses. They are similar to White Hat Hackers but are extreme.

    7. Hacktivist:

    A hacktivist is a type of hacker who hacks to promote a political or social or environmental cause.

    8. Elite Hackers:

    At the opposite ends of Green Hat Hacker or script kiddie, we have the Elite Hackers who have deep knowledge of hacking. He/she likes to write his/her own exploits, find zero-days etc.

    9. Advanced Persistent Threats (APTs):

    APT’s are state-sponsored hackers (more rightly hacker groups) that are specifically used to target enemy nations, perform cyber espionage, collect information etc.

    Posted on by

    Linux privilege escalation for beginners

    Hello, aspiring ethical hackers. This blogpost is a detailed guide on Linux privilege escalation. Linux privilege escalation comes afterLinux hackingand is part ofPost-exploitationof Linux.

    What is Linux privilege escalation?

    Privilege Escalation Guide 7 1

    Linux privilege escalation is the process of elevating privileges on a Linux system after successfullygaining accessto a Linux system.

    Why is it important?

    Linux hacking is one of the most important topics in ethical hacking. Why? According to the Statcounter global stats, as of March 2024 operating system market share, the topmost operating systems being used around the world are Linux or its variants. The same report also states that usage of Linux as desktop increased to 4.05% this year. Also note that majority of the servers around the world are Linux servers. So, learning Linux hacking can provide lot of knowledge. But what are the various methods used for hacking Linux systems.

    Linux privilege escalation techniques

    There are multiple ways by which hackers can elevate privileges on a Linux system. They are,

    1. Exploiting SUID binaries.
    2. Exploiting SUDO privileges.
    3. Exploiting services running as root.
    4. Exploiting misconfigured cron jobs.
    5. Exploiting kernel vulnerabilities.
    Linux Privilege Escalation 1

    1.Exploiting SUID binaries:

    Just like Windows, Linux too has many binaries on the system. These binary files too have permissions just like any file in Windows. Apart from the regular permissions of a file, Linux has special permissions for some binaries.

    These permissions are called SUID or SetUID permissions also known as Set Owner User Identification (SUID). This permission allows a user with low privileges to run a binary or script under the power of the original owner of the particular file. So, if a SUID or SetUID bit is set to a particular binary or a root user has created a binary file and has set a SUID bit to it, this file can be exploited to gain root permissions on the target Linux system.

    2. Exploiting SUDO rights:

    SUDO is a very important concept in Linux. Sudo stands for ‘Super User Do’ and is pronounced as “su dough”. SUDO lets users run commands with root privileges from their own account. Learn more about exploiting SUDO privileges.

    3. Exploiting services running as root:

    Privileges can also be elevated on Linux by exploiting services running as root. Some services running on Linux are configured to run with root privileges. By exploiting any vulnerability in these services Root privileges can be acquired.

    4. Exploiting misconfigured cron jobs:

    In Unix system, cron is used to schedule jobs for automation. Some jobs that are misconfigured can be exploited to gain root privileges.

    5. Exploiting kernel vulnerabilities:

    Vulnerabilities in the Linux kernel can be exploited to gain root privileges.

    Posted on by

    Windows privilege escalation for beginners

    Hello, aspiring ethical hackers. In this blogpost, you will learn about Windows privilege escalation. Windows privilege escalation comes after Windows hacking and is part of Post-exploitation of Windows.

    What is Windows privilege escalation?

    Windows privilege escalation is the process of elevating privileges on a Windows system after successfully gaining access to a Windows system.

    Privilege Escalation Guide 1

    Why is it important?

    According to StatCounter Global Stats, over 72.52% of people worldwide use Windows as their Desktop. That is the reason why Windows privilege escalation is one of the most important topics of ethical hacking.

    Windows privilege escalation techniques

    There are multiple ways by which hackers can elevate privileges on a Windows systems. They are,

    1. Exposed credentials
    2. Bypassing UAC
    3. Exploiting services running with administrator privileges.
    4. Windows kernel vulnerabilities.
    5. Misconfigured services.
    6. Windows Registry.
    7. Scheduled Tasks.
    Windows Privilege Escalation 1

    1. Exposed credentials:

    Sometimes, the credentials of user accounts with administrator privileges on a Windows system are exposed. Most people still store Windows credentials on Desktop for easy access (you may not believe this but this is true). So, attackers can login as user with high privileges using these exposed credentials.

    2. Bypassing UAC:

    User Account Control (UAC) is a Windows security feature that was designed to protect the operating system. Introduced with Windows Vista, it is a mandatory access control enforcement feature. It works by limiting application software to standard user privileges until a user with administrator privileges authorizes an elevation in privileges.

    This allows only applications that are trusted by users to be assigned administrator privileges. However, vulnerabilities in this UAC sometimes allows hackers to bypass UAC and get administration privileges on the target system.

    3. Exploiting services running with administration privileges:

    Some applications installed on Windows by users need administrative privileged on the system to run. If attackers exploit any vulnerabilities in these applications, they can easily elevate their privileges on the Windows system.

    4. Windows kernel vulnerabilities:

    Windows kernel in Windows (or for that matter any operating system) has the highest privileges assigned to it. If attackers exploit any vulnerabilities in the Windows kernel, they can elevate their privileges on the Windows system.

    5. Misconfigured services:

    Misconfigurations in services on Windows can also be exploited to escalate privileges on Windows system.

    6. Windows Registry:

    Windows registry is a hierarchical database that stores all low level; settings of Microsoft Windows. Weak permissions in the Windows registry can also be exploited to elevate privileges.

    7. Scheduled Tasks:

    Windows Task Scheduler (formerly known as Scheduled Tasks) is used to automate jobs and tasks in Windows just like cron jobs in Linux. Weak file permission setting in Task scheduler can be exploited to elevate privileges on a Windows system.

    Posted on by

    Linux hacking guide for beginners

    Hello, aspiring ethical hackers. In this blogpost, you will learn about Linux hacking. It comes under gaining access, third of the 5 phases of ethical hacking.

    What is Linux hacking?

    Although Linux hacking can be generalized as any type of hacking attempt made on Linux systems, gaining initial access to the Linux system can be termed as Linux Hacking.

    Why is it important?

    Linux hacking is one of the most important topics in ethical hacking. Why? According to the Statcounter global stats, as of March 2024 operating system market share, the topmost operating systems being used around the world are Linux or its variants. The same report also states that usage of Linux as desktop increased to 4.05% this year. Also note that majority of the servers around the world are Linux servers. So, learning Linux hacking can provide lot of knowledge. But what are the various methods used for hacking Linux systems.

    Linux hacking techniques

    There are multiple ways by which hackers can gain initial access on Linux systems. They are,

    1. Vulnerabilities in the operating system or kernel
    2. Application vulnerabilities.
    3. Payloads & malicious software.
    4. Password attacks.
    5. Misconfigured services.
    6. Social- engineering
    Linux Hacking 1 1

    1. Vulnerabilities in the operating system or kernel:

    An operating system or kernel is the core of any Linux system. Organizations around the world use various versions of Linux operating system for different purposes. So, any vulnerability exposed in the operating system can be exploited by hackers to gain initial access.

    For example, in 2014, a vulnerability named Heartbleed was detected in the OpenSSL package that comes inbuilt with Linux kernel. It was used to exploit HTTPS enabled websites of Yahoo, Google, Dropbox, Facebook and other thousands of websites.

    2. Application vulnerabilities:

    A lot of applications or programs are installed on Linux for performing various functions. Any vulnerabilities in these installed programs can be exploited successfully to hack the Linux system. For example, hackers exploited Apache ActiveMQ software to deploy Kinsing malware on the infected systems in November 2023, Apache ActiveMQ is used as a communication bridge between multiple components that can be hosted on separate servers.

    3. Malicious payloads:

    Hackers just don’t use vulnerabilities to gain access. They also use malicious payloads like malware and virus to hack Linux systems. Since 2023, malware especially ransomware designed for Linux systems in or the rise. This malware is usually delivered by exploiting vulnerabilities, phishing attack or drive-by downloads. Examples of some payload generators are msfvenom, Veil, MSFPC, Cypher etc.

    4. Password attacks:

    As already mentioned, most of the servers in the world are built on Linux as it is open source. These include services like FTP, HTTP, SSH etc. If credentials of any of these services are cracked by hackers, it will provide a way to gain access to the underlying Linux server. Learn more about password cracking.

    5. Misconfigured services:

    Sometimes, services being used in the target Linux systems can be misconfigured either by mistake or by ignorance. Hackers can exploit these misconfigurations to hack the Linux system. For example, in March 2023, an advanced malware campaign exploited misconfigurations in Apache Hadoop, YARN, Docker, Confluence and Redis on Linux instances.

    7. Social-engineering:

    No matter how strong the firewall on the network is or how secure the Linux devices are in a network, if the employees of the organization are not well trained, they can eventually give hackers access into the network or Linux devices. Social-engineering is often very underrated as a factor that allows hackers to hack Linux systems. Learn more about social engineering.

    Posted on by

    Windows hacking guide for beginners

    Hello, aspiring ethical hackers. This article is a beginners guide for Windows hacking. It comes under gaining access, third of the 5 phases of ethical hacking.

    What is Windows hacking?

    Although Windows hacking can be generalized to any hacking performed on the Windows operating system, gaining initial access to the Windows systems is known as Windows hacking.

    Why is it important?

    According to StatCounter Global Stats, over 72.52% of people worldwide use Windows as their Desktop. That is the reason why Windows hacking is one of the most important topics of ethical hacking.

    Windows hacking techniques

    There are multiple ways by which hackers can gain initial access on Windows systems. They are,

    1. Vulnerabilities in the operating system or kernel
    2. Application vulnerabilities.
    3. Payloads & malicious software.
    4. Password attacks.
    5. Misconfigured services.
    6. Social- engineering
    Windows Hacking 1 1

    1. Vulnerabilities in the operating system or kernel:

    An operating system or kernel is the core of any Windows system. Enterprises around the world use Windows operating system for various purposes. As already mentioned, according to StatCounter Global Stats, over 72.52% of people worldwide use Windows as their Desktop. So, any vulnerability exposed in the operating system can be exploited by hackers to gain initial access.

    For example, in 2008, ms08-067 vulnerability was exploited by Conficker worm to infect millions of devices around the world. Similarly, another vulnerability in Windows software, Eternal Blue (ms17-010) was exploited by NSA for intelligence gathering and counter terrorism missions. When this vulnerability got leaked, it was exploited by the WannaCry ransomware attack that infected 2,30,000 Windows PCs across 150 countries.

    2. Application vulnerabilities:

    A lot of applications or programs are installed in Windows operating system to perform various functions. Any vulnerabilities in these installed programs can be exploited successfully to hack the Windows system. For example, macros feature in Microsoft office has been exploited for a long time by hacker groups around the world to gain initial access until this was banned officially by Microsoft. Macros is a feature in Microsoft office to automate procedures.

    In 2022, Chinese hacker group Cicada, exploited VLC Media Player, a popular and open source multimedia player to hack Windows systems and installed malware for espionage purpose. They did this by embedding a malicious file alongside the VLC Media Player’s export functions.

    3. Malicious payloads:

    Hackers just don’t use vulnerabilities to gain access. They also use malicious payloads like malware and virus to hack Windows systems. These payloads can be spread by using dive-by downloads or phishing. For example, Zeus trojan that specializes stealing banking information is spread through same techniques mentioned above. Examples of some payload generators are msfvenom, Veil, MSFPC, Cypher etc.

    4. Password attacks:

    Some Enterprise Windows systems are enabled with remote access so that employees can connect to them remotely for the purpose of their work. The protocols enabling remote access like SSH, FTP, Telnet and RDP etc. Cracking the credentials of these services give hackers a way to gain access to the servers and subsequently to the Windows system. Learn more about password cracking.

    As recently as November 2023, a Russian Hacker group (Midnight Blizzard) used password spraying attack, a type of password attack to compromise some corporate accounts of Microsoft users.

    5. Misconfigured services:

    Sometimes, services being used in the target Windows network can be misconfigured either by mistake or on purpose. Hackers can exploit these misconfigurations to hack the Windows system. In October 2022, Microsoft company exposed one endpoint to public internet without authentication. This led to data leak of 65,000 customers in 111 countries. The total size of the stolen data was 2.4 terabytes.

    7. The human factor:

    No matter how strong the firewall on the network is or how secure the Windows devices are in a network, if the employees of the organization are not well trained, they can eventually give hackers access into the network or Windows devices. Social-engineering is often very underrated as a factor that allows hackers to hack Windows systems. Learn more about social engineering.