Defense against the Black Arts
eBook - ePub

Defense against the Black Arts

How Hackers Do What They Do and How to Protect against It

  1. 412 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Defense against the Black Arts

How Hackers Do What They Do and How to Protect against It

Book details
Book preview
Table of contents
Citations

About This Book

Exposing hacker methodology with concrete examples, this volume shows readers how to outwit computer predators. With screenshots and step by step instructions, the book discusses how to get into a Windows operating system without a username or password and how to hide an IP address to avoid detection. It explains how to find virtually anything on the Internet and explores techniques that hackers can use to exploit physical access, network access, and wireless vectors. The book profiles a variety of attack tools and examines how Facebook and other sites can be used to conduct social networking attacks.

Frequently asked questions

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes, you can access Defense against the Black Arts by Jesse Varsalone, Matthew McFadden in PDF and/or ePUB format, as well as other popular books in Art & Art General. We have over one million books available in our catalogue for you to explore.

Information

Publisher
CRC Press
Year
2011
ISBN
9781466509207
Edition
1
Topic
Art
Subtopic
Art General

Chapter 1

Hacking Windows OS

Introduction

The word hacker has both positive and negative connotations depending on who you talk to and in what context the person is using the word. There are also many levels of hackers, from script kiddies to elite hackers. Some countries actively engage in the act of attacking the computer systems of other countries; their purpose is to steal intellectual property and government secrets. This brings us to another point—hackers are usually divided into three categories: white hat, gray hat, and black hat. The white hat hackers use their skills for good, while black hat hackers often do “bad things.” The gray hat is somewhere in the middle. I do not encourage people to engage in illegal activity under any circumstances. On the other hand, sometimes testing a proof of concept in a virtual environment is necessary to “see how the other side operates.” Learning how the bad guys do what they do will help us better understand security.
Like many other people in the industry, I have decided to use my skills to earn an honest living. However, even if you are an honest person, you can have fun doing some hacking as long as you are not engaging in illegal activity. My recommendation is for you to set up a test lab at home where you can practice these concepts and skills (see Figure 1.1). You can then use these skills when you have the legal and written permission of the person or organization you are assisting. In summary, hacking is a fun hobby that can turn into a lucrative career as long as you stay on the good side of the law.
image_001
Figure 1.1 An example home test lab.

Physical Access

Many people within the computer industry have the opinion that security does not count when an attacker has physical access to your computer. I strongly disagree with that opinion; security always counts especially when an attacker is able to get physical access to your box. It does not have to be “game over” just because an attacker gets physical access to your machines. There are measures you can take, such as disk encryption, to secure your computers from physical attack. This chapter will discuss what measures can be taken to secure a Microsoft Windows operating system and how vulnerable these systems can be when proper precautions are not taken.
The majority of people who approach a computer at a Windows logon screen are halted in their tracks. The average individual figures that without the username and password, there is no chance of getting into the system. A skilled hacker with physical access should be able to break into a Windows operating system in less than 5 minutes. When a hacker sees this logon screen, they know there are several tools they can use to easily get into this system. This chapter will discuss several ways to get into a Windows operating system without having the username or the password.
image_002
At the Windows logon screen, you are “required” to press Control-Alt-Delete to logon to the system. If you are at the Welcome screen, you just need to click on the user’s name then type in the password (if one is required). Average users believe that control-alt-delete is the only key sequence that can be used at this screen. Hackers think differently; they know that hitting shift five times will invoke “sticky keys,” and hitting the Windows key and the “U” key will invoke the utility manager.
image_003
These key sequences work in Windows 2000, XP, 2003, Vista, 2008, and Windows 7. Sethc.exe and Utliman.exe are the files associated with these Windows programs that can be launched prior to logon. The Windows operating system can be easily hacked by locating these files in %SYSTEMROOT%\system32 and replacing them with other known good Windows files like cmd.exe or explorer.exe. This chapter will guide you on how to use a Live CD to perform these steps. However, before you embark on hacking Windows you will need to know how to burn an ISO, or disk image file.

Live CDs

There are a large variety of Live CDs that can be utilized to assist you in your quest for Windows domination. A Live CD is a special utility that can run an entire operating system from the CD, and allow the user to access and manipulate files on the hard drive. The website http://www.livecdlist.com provides a good list of many popular Live CDs and links to download the ISO files.
image_004
Live CDs are extremely useful tools that can be utilized by individuals with good and bad intentions. A Live CD will allow network administrators to run Linux on their system without installing it or changing any of their system’s configurations. Law enforcement can use Live CDs lik...

Table of contents

  1. Cover
  2. Halftitle
  3. Other
  4. Title Page
  5. Copyright Page
  6. Table of Contents
  7. Foreword
  8. Authors
  9. 1 Hacking Windows OS
  10. 2 Obtaining Windows Passwords
  11. 3 Imaging and Extraction
  12. 4 Bypassing Web Filters
  13. 5 Manipulating the Web
  14. 6 Finding It All on the Net
  15. 7 Research Time
  16. 8 Capturing Network Traffic
  17. 9 Research Time: Finding the Vulnerabilities
  18. 10 Metasploit
  19. 11 Other Attack Tools
  20. 12 Social Engineering with Web 2.0
  21. 13 Hack the Macs
  22. 14 Wireless Hacking
  23. Index