Recent Articles
Terms that Hackers and Crackers Use : Beginner Hacking Guide
Tuesday, August 10, 2010|
Surbhi Verma
Keylogger - (keystroke logging) a keylogger is a software used for logging or tracking keystrokes struck on victim's keyboard and saving them to a text file or sending them to an email address , it runs in the background in a stealth manner so the victim remain unaware that their actions are being monitored.
RAT - A RAT is short term of the word Remote Administration Tool. The RAT is used to remotely connect in one or more computers and remotely control those computers. It gives the attacker almost full control over the infected computer, infected computers are called zombies. Rats are of 2 type:
Legel - Victim knows that someone connected to him. for ex. Team Viewer
iIlegal - victim you are connected to, doesn't know that somebody is connected to him.
SQL Injection - SQL injection is the act of injection your own, custom-crafted SQL commands into a web-script so that you can manipulate the database any way you want. Some example usages of SQL injection: Bypass login verification, add new admin account, lift passwords, lift credit-card details, etc.
Bot - A bot is a program that is ran secretly in the background of a victim's computer. The bot connects to an IRC channel usually where a Bot Herder(its creator) can use a number of commands to control these computers that are now it's under control. A zombie computer(a pc under control of a bot herder) can be manipulated in a number of ways. Some functions of a bot include stealing victims passwords, keylogging, ddosing a server to cause it to crash, turning on the webcam and being able to watch the zombie computer's users, visiting a website(to gain money + traffic for a bot herder), clicking ads, making ads appear randomly, destroying itself(the pc), and sending spam to email contacts.
Botnet : (Robot Network, Zombie Army) botnets are networks of infected computers controlled by the attacker used send spam and viruses.
Crypter - A crypter is used to make well known hacker's viruses (such as keyloggers and botnets) undetectable by anti-virus software by changing the virus program signatures that anti virus programs have in their databases to make them easier to spread.
Binder - A binder is used to bind a virus(such as a keylogger,etc) to another program making it undetechtable and able to fool users into thinking its something else. for ex. If someone attach a virus with an exe file say photoshop.exe, then a victim will click on photoshop.exe and it will install photoshop as well as virus secretly.
FUD - Term for fully undetectable virus. (made by either coding your own virus or by crypting and binding an existing virus) Use http://novirusthanks.com (uncheck distribute sample) to check if your virus is undetectable.
Database - Used by most websites to store things such as User names, Passwords, Email, etc of an entire website or community.
XSS (Cross Site Scripting) - This vulnerability allows for an attacker's input to be sent to unsuspecting victims. The primary usage for this vulnerability is cookie stealing; if an attacker steals your cookie, they can log into any site for which they have stole your cookies.
Cookie Stealing/Spoofing - Used to fool a victim into clicking a link that will steal their cookies to websites which you can then use to have their privileges to various parts of a website or forum.
BruteForcer Attack- Program used to crack encrypted data such as passwords by trying all possible combinations of characters , bruteforcing takes a long time and sometimes can’t crack the password.
Dictionary attack - is a method used to crack a password or a key that tries all the words in a dictionary , the difference between a dictionary attack and a bruteforce attack is that it uses a predefined list of words.
Hashes - How passwords are usually stored, this is a way of crypting a password so it is not plain text, harder passwords are very hard to crack but simple ones have often been cracked and can be found on online databases. Some common password hashes include MD5 and SHA.
Social Engineering - Tricking a victim into doing something you want them to do by disguising or enticing them into doing what you want. its a act of manipulating people into revealing information or tricking the victim to performing actions that are beneficial to the user.
Phishing - Creating a fake login page to a well known website (IE Facebook) and then fooling a victim into entering their information on the fake login page through social engineering.
Proxies - A proxy server is a server that acts as a go-between for requests from clients seeking resources from other servers. This means we will be able to mask our ip address from other sites. For the crackers we use a proxy list.
What does this for?: Some sites like rapidshare ban our ip addresses after multiple logins. By using proxies we are able to pretend to be other computers which will enable us to login multiple times without getting our ip address banned.
Trojan Horse - a Trojan is designed to allow a remote access by a hacker to a target computer (it’s composed from two parts the server and the client) the server is installed on the victims machine , and the client is used by the hacker to connect to the server.
Things that can be performed by a hacker on a target computer :
1-data theft
2-installation of a software
3-downloading or uploading files
4-keylogging
5-viewing screenshots And more
Backdoor - is a means of access to a computer that bypasses security mechanism, I other words a backdoor is a method of bypassing normal authentication or securing remote access, a backdoor can be a form of an installed program or a modification to an existing program.
Worm - a worm is a self-replicating virus that does not alter files, but resides in active memory and duplicate itself, sometimes a worm’s job is to take advantage of a backdoor created by an earlier attack.
Vulnerability - (security Hole) a vulnerability is a weakness in the system, it’s also classified as a security risk.
Exploit - an exploit is an attack on a computer system that takes advantage of a vulnerability, the term exploit refers to the act of successfully making an attack.
RAT - A RAT is short term of the word Remote Administration Tool. The RAT is used to remotely connect in one or more computers and remotely control those computers. It gives the attacker almost full control over the infected computer, infected computers are called zombies. Rats are of 2 type:
Legel - Victim knows that someone connected to him. for ex. Team Viewer
iIlegal - victim you are connected to, doesn't know that somebody is connected to him.
SQL Injection - SQL injection is the act of injection your own, custom-crafted SQL commands into a web-script so that you can manipulate the database any way you want. Some example usages of SQL injection: Bypass login verification, add new admin account, lift passwords, lift credit-card details, etc.
DoS Attack ( Denial Of Service Attack) - DoS attack is an attempt to make a computer resource unavailable to its intented users, one common method of attack involves saturating the target machine with external communication requests.
DDoS Attack (Distributed Denial of Service Attack) - is pretty much the same as a DoS- but the difference in results is massive; as its name suggests the DDoS attack is executed using a distributed computing method often referred to as a 'botnet army', the creation process of which involves infecting computers with a form of malware that gives the botnet owner access to the computer somewhat. This could be anything from simply using the computers connection to flood to total control of the computer. These attacks affect the victims computer -> server more than a regular DoS- because multiple connections are being used against ONE connection.
Bot - A bot is a program that is ran secretly in the background of a victim's computer. The bot connects to an IRC channel usually where a Bot Herder(its creator) can use a number of commands to control these computers that are now it's under control. A zombie computer(a pc under control of a bot herder) can be manipulated in a number of ways. Some functions of a bot include stealing victims passwords, keylogging, ddosing a server to cause it to crash, turning on the webcam and being able to watch the zombie computer's users, visiting a website(to gain money + traffic for a bot herder), clicking ads, making ads appear randomly, destroying itself(the pc), and sending spam to email contacts.
Botnet : (Robot Network, Zombie Army) botnets are networks of infected computers controlled by the attacker used send spam and viruses.
Crypter - A crypter is used to make well known hacker's viruses (such as keyloggers and botnets) undetectable by anti-virus software by changing the virus program signatures that anti virus programs have in their databases to make them easier to spread.
Binder - A binder is used to bind a virus(such as a keylogger,etc) to another program making it undetechtable and able to fool users into thinking its something else. for ex. If someone attach a virus with an exe file say photoshop.exe, then a victim will click on photoshop.exe and it will install photoshop as well as virus secretly.
FUD - Term for fully undetectable virus. (made by either coding your own virus or by crypting and binding an existing virus) Use http://novirusthanks.com (uncheck distribute sample) to check if your virus is undetectable.
Database - Used by most websites to store things such as User names, Passwords, Email, etc of an entire website or community.
XSS (Cross Site Scripting) - This vulnerability allows for an attacker's input to be sent to unsuspecting victims. The primary usage for this vulnerability is cookie stealing; if an attacker steals your cookie, they can log into any site for which they have stole your cookies.
Cookie Stealing/Spoofing - Used to fool a victim into clicking a link that will steal their cookies to websites which you can then use to have their privileges to various parts of a website or forum.
BruteForcer Attack- Program used to crack encrypted data such as passwords by trying all possible combinations of characters , bruteforcing takes a long time and sometimes can’t crack the password.
Dictionary attack - is a method used to crack a password or a key that tries all the words in a dictionary , the difference between a dictionary attack and a bruteforce attack is that it uses a predefined list of words.
Hashes - How passwords are usually stored, this is a way of crypting a password so it is not plain text, harder passwords are very hard to crack but simple ones have often been cracked and can be found on online databases. Some common password hashes include MD5 and SHA.
Social Engineering - Tricking a victim into doing something you want them to do by disguising or enticing them into doing what you want. its a act of manipulating people into revealing information or tricking the victim to performing actions that are beneficial to the user.
Phishing - Creating a fake login page to a well known website (IE Facebook) and then fooling a victim into entering their information on the fake login page through social engineering.
Proxies - A proxy server is a server that acts as a go-between for requests from clients seeking resources from other servers. This means we will be able to mask our ip address from other sites. For the crackers we use a proxy list.
What does this for?: Some sites like rapidshare ban our ip addresses after multiple logins. By using proxies we are able to pretend to be other computers which will enable us to login multiple times without getting our ip address banned.
Trojan Horse - a Trojan is designed to allow a remote access by a hacker to a target computer (it’s composed from two parts the server and the client) the server is installed on the victims machine , and the client is used by the hacker to connect to the server.
Things that can be performed by a hacker on a target computer :
1-data theft
2-installation of a software
3-downloading or uploading files
4-keylogging
5-viewing screenshots And more
Backdoor - is a means of access to a computer that bypasses security mechanism, I other words a backdoor is a method of bypassing normal authentication or securing remote access, a backdoor can be a form of an installed program or a modification to an existing program.
Worm - a worm is a self-replicating virus that does not alter files, but resides in active memory and duplicate itself, sometimes a worm’s job is to take advantage of a backdoor created by an earlier attack.
Vulnerability - (security Hole) a vulnerability is a weakness in the system, it’s also classified as a security risk.
Exploit - an exploit is an attack on a computer system that takes advantage of a vulnerability, the term exploit refers to the act of successfully making an attack.
Posted in
Hacking Stuff
7 comments for this post
Leave a reply
Subscribe to:
Post Comments (Atom)
TechByte4U on Facebook
Popular Posts
free idm, serial key Internet Download Manager(also known as Idman) is an excellent internet download accelerator that will care of...
last week a person requested here to explain how to make a fake login page of Facebook.. So i am giving a lesson here about making fake ...
How to get Account on Google+ ? get google plus invitation Hello All, Google+ is still available using the invitation process, It wi...
Windows Genuine Notifications is a problem that every computer operator faces in her life. It notifies you if a copy of Windows XP is not ge...
Free winrar, Full version Winrar, Winrar Serial key I guess everyone know what is Winrar, and what it works. So without going into t...
Internet Download Manager 6.07 Registration Serial Number free idm, serial key Hi Friends, In this tutorial i am gonna explain a way...
Hi friends, Techbyte4u is growing day by day, and last month we got 50000+ pageviews and 25000+ unique visitors. So, Techbyte 4 U an...
These days when anyone try to create new account on gmail, it says you to enter your mobile no. and then it verify your no. by s...
You have no more need to read the long Pdf files line by line. Now feel free, coz your pdf will read out itself for you. Many peo...
Hey Friends, In my last post i have told you about the browser's fact of storing passwords after prompting 'Do you want t...
Anonymous
August 26, 2010 at 8:45 PM
Hashes are not plain encryption. You theoretical cannot decrypt it. Hash algos generate unique fixed length output code for every input.
Surbhi Verma
August 27, 2010 at 4:02 PM
@Above thanks for sharing ur knowledge here :)
Anonymous
September 10, 2010 at 11:39 AM
how to download these softwares???????
plzz give the links to download..
Surbhi Verma
September 10, 2010 at 11:51 PM
@Above.... search on google, u'll find all... :)
suneer
September 16, 2010 at 2:33 PM
hi subhi, i actually download one keylogger and installed it but that was a trial product with default email service, technically i am screwed here, i am not able to uninstall that one what should i do plese help me!!!!!
Surbhi Verma
September 16, 2010 at 5:44 PM
@Suneer, probabely you have installed keylogger infected with virus, i will suggest you to scan application before installation on virustotal.com
also try to uninstall keylogger through safe mode, or you can uninstall it manually... for that check this post
http://www.techbyte4u.com/2010/02/delete-complete-software-manually.html
raya
September 28, 2011 at 5:21 PM
where can i find all your articles in one book/pdf?
they are really awsome!!!!!!!!!!!!!!