jump to navigation

Hacking Toolz January 15, 2007

Posted by Vijay in Education.
Tags: , , ,
1 comment so far

I attended a workshop in Kurukshetra, the Techfest of Anna University in January. I write this blog to share some of the hacking tools i have known during that 3 hours of workshop. Hope everybody might have known the fundamentals and i dont think i need to start it from scratch. Hackers is of two types: Internal and External

Internal hackers pose the greatest threat to the IT systems of the world’s largest financial institutions, according to the 2005 Global Security Survey.

1. GetAdmin – This is a hacker utility which exploits flaws in MS Windows NT 4 OS and changes the administrative privilege of an account ie.any guest account can be changed to an administrator of the network.
Note: It doesn’t work in later version of windows
2. PipeUpAdmin – It is same as GetAdmin.But it works in MS Windows 2000. It has more enhanced features than GetAdmin.

Privelege Escalation is the process of exploiting a bug in an application to gain access to protected resources in the network. Cross Zone Scripting is a type of attack in which a website subverts the security model of web browsers so that it can run privilege escalationmalicious code on client computers. Vulnerability can be reduced by installing server packs and patches.

Password sniffing is an act of finding the password to gain access to the main system.
LC4 or L0phtCrack – This the most frequently used software for password sniffing. The good intention of this is that if the system admin has forgot the password then he can find the password within a minute. The bad intention is that it is used by hackers who can get all the passwords of a company within a minute. It usually uses the dictionary attack.

Session hijacking is the act of taking control of a user session after successfully obtaining or generating an authentication session ID. T sight Realtime – Once this software is connected to another system,the whole system is hijacked. A new window is opened in the hacker window and whatever the victim types over there Tsight display it in the hacker screen.

Port scanning software imply sends out a request to connect to the target computer on each port sequentially and makes a note of which ports responded or seem open to more in-depth probing.nmap is the mostly used software for port scanning.

Atlast i would conclude by listing some of the trojans and hacking tools with their use:

1. smbdie – This can kill the computer
2. netbus – trojan which can access the victim computer
3. elitewrap – this binds two exes which is used to combine a data file with a virus.

Note:

Some of the accurate definitions of the hacking tools are taken from Wikipedia

Advertisements