Basic Methods of Hacking
1. Email or the user information
2. Web based hacking.
Email or user information:
These days the most commonly used and famous way of hacking user information like Emails, Passwords, Credit card details are as follow:
a. Phishing
b. Brute Forcing
c. Keylogging
d. Trojans
A.Phishing
Phishing is basically a massive attack. What a hacker does is, they created an absolutely look alike page or we can call it Ditto copy of some website like yahoo or gmail. They upload it to their own server. And give the link to any newbie user.
When they open it, they think that they are on the yahoo or gmail page, they put in their username and password, click on submit and yes you might have guessed it right! your information has been submitted. This is widely used by new people trying to entering into hacking world.
Disadvantages: Still many people give it a try before going for phishing, because the only problem in phishing is, even if the victim knows a little about internet, he will read the URL and understand that it is not a genuine website and careful looking into really helps. You can avoid phishing by taking this precautions.
B.Brute Forcing
Brute forcer is basically a program which could be called as a “cracker”. In brute focer you put the username you want to hack, and as a password you put a notepad file which has almost all of the existing english words in it.
So what it does is, it will try each and every word from that file and see if anything matches. You might have noticed some topics like “huge pass list” on different forums, they are nothing but the password list to put into your bruteforcer.!
Disadvantages:
1. Sometimes brute forcing may just go for ages!
2. It isn’t guaranteed
3. These days many people have alpha-numeric-symbol password which is real tough for brutefocer to detect
4. Most of the famous sites like yahoo, gmail are designed in such a way that it will put the “image captcha” after 3 incorrect login attempts, which stops the bruteforcer.
C.KeyLogging
Keylogger helps you to create a little filed which is known as “server”. You gotta send your server to the victim. he has to click on it and then YOUR DONE! this is what happens.
Best possible way to hack someone. Keyloggers are basically a program which will install themselves in your victim’s computer and will keep on recording each and every keystroke pressed by the victim on his keyboard and it will send it to the hacker. There are many ways to receive the keystroke i.e. FTP, Email, Messengers. According to me this is the best way to trick your victim and get their information
Disadvantages :
1. When victim receives the keylogger, in most of the cases, their anti virus would auto delete them. So you have to convince them to disable the anti virus by bluffing something.
2. Sometimes firewall blocks the keylogs from being sent.
Tips:1. There are some programs which are known as “crypters” which will help you to make your server’s undetectable. So your victim’s anti-virus would not be able to detect them.
D.Trojans
Trojans are like father of keyloggers. Trojan sends you the keylogs just as keyloggers, on top of that, it lets you take the control of victim’s computer. Edit / delete/ upload / download files
from or to their computer. Some more funny features like it will make their keyboard go mad, it may kep on ejecting and re-inserting the cd ROM. Much more..
Disadvantages :
Same as keyloggers.
Tips :
Same as keylogger.
Web Hacking:
Now we are going to discuss some Commonly used web Hacking techniques which hackers basically use to hack websites.
This U can use to SAVE YOUR WEBSITE
1.SQL Injection
Most of the websites these days are connected to an SQL Database. Which helps them to store usernames and passwords [encrypted] when a guest registers to their website. SQL database processes a querie everytime a user logs in. It goes to the database, validates the password, if its correct then it logs in the user and if its not then it gives an error.
So the basic funda is executing a command to parase a query in the database to try to exploit the internet information of the database. I cant really put the entire tutorial about because this is the most complicated way to hack the website!
2.XSS
XSS is another nice way to ahck some website. Suppose if some website/ forum is allowing HTML in the psot or articles, then a hacker can post a malicious script into the content. So whenever a user opens up the page, the cookies would be sent to the hacker. So he can login as that user and take over the website up.
3.Shells
Shell is a malicious .php script. What you have to do is, find a palce in any website where you can upload any file like avatars, recepie, your tricks, your feedbacks. And you try to upload your shell files from there. And if its uploaded then WHOA!you open it from the URL bar and u can see the entire “FTP” account of that webhosting. You can rename/edit / upload/download anything u want including the index page.
This is also known as deface.
4. RFI:
RFI is a good way to deface a website. It is used with shell. Suppose you have uploaded your shell on:
Play safe and try to avoid this things.
Have a safe surfing and web digging……..