There are many definitions of “hacker”. Ask this question of a phalanx of people and you’ll get a new answer every time, because “more mouths will have more talks”. This is the reason behind the different definitions of hackers, which in my opinion is quite justified, for everyone has a right to think differently.
However, if you look at the media’s definition of a hacker in the 1990s, you would find a few common characteristics, such as creativity, the ability to solve complex problems, and new ways of compromising targets. Therefore, the term has been broken down into three types:
- White hat hacker—This kind of hacker is often referred to as a security professional or security researcher. Such hackers are employed by an organization and are permitted to attack an organization to find vulnerabilities that an attacker might be able to exploit.
- Black hat hacker—Also known as a cracker, this kind of hacker is referred to as a bad guy, who uses his or her knowledge for negative purposes. They are often referred to by the media as hackers.
- Gray hat hacker—This kind of hacker is an intermediate between a white hat and a black hat hacker. For instance, a gray hat hacker would work as a security professional for an organization and responsibly disclose everything to them; however, he or she might leave a backdoor to access it later and might also sell the confidential information, obtained after the compromise of a company’s target server, to competitors.
Similarly, we have categories of hackers about whom you might hear frequently. Some of them are as follows:
- Script kiddie—Also known as a skid, this kind of hacker is someone who lacks knowledge of how an exploit works and relies upon using exploits that someone else created. A script kiddie may be able to compromise a target but certainly cannot debug or modify an exploit in case it does not work.
- Elite hacker—An elite hacker, also referred to as l33t or 1337, is someone who has deep knowledge of how an exploit works; he or she is able not only to create exploits but also to modify code that someone else wrote. He or she is someone with elite skills in hacking.
- Hacktivists—Hacktivists are defined as a group of hackers that hack into computer systems for a cause or purpose. The purpose may be political gain, freedom of speech, human rights, and so on.
- Ethical hacker— An ethical hacker is a person who is hired and permitted by an organization to attack its systems for the purpose of identifying vulnerabilities, which an attacker might take advantage of. The sole difference between the terms “hacking” and “ethical hacking” is permission.
Important Terminologies
Let’s now briefly discuss some of the important terminologies that I will be using throughout this book.
- Asset—An asset is any data, device, or other component of the environment that supports information-related activities and that should be protected from anyone besides the people who are allowed to view or manipulate the data/information.
- Vulnerability—A vulnerability is defined as a flaw or a weakness inside the asset that could be used to gain unauthorized access to it. The successful compromise of a vulnerability may result in data manipulation, privilege elevation, etc.
- Threat—A threat represents a possible danger to the computer system. It represents something that an organization doesn’t want to happen. Successful exploitation of the vulnerability is a threat. A threat may be a malicious hacker who is trying to gain unauthorized access to an asset.
- Exploit—An exploit is something that takes advantage of a vulnerability in an asset to cause unintended or unanticipated behavior in a target system, which would allow an attacker to gain access to data or information.
- Risk—A risk is defined as the impact (damage) resulting from the successful compromise of an asset. For example, a vulnerable Apache Tomcat server poses a threat to the organization running it, and the damage/loss that is caused to the asset is defined as a risk. Normally, risk can be calculated using the following equation:
Risk = Threat * Vulnerabilities * Impact
What is Cybercrime?
Cybercrime is the use of computers and networks to perform illegal activities such as spreading computer viruses, online bullying, performing unauthorized electronic fund transfers, etc. Most cybercrimes are committed through the internet. Some cybercrimes can also be carried out using mobile phones via SMS and online chatting applications.
Types of Cybercrime
- Computer Fraud: Intentional deception for personal gain via the use of computer systems.
- Privacy violation: Exposing personal information such as email addresses, phone numbers, account details, etc. on social media, websites, etc.
- Identity Theft: Stealing personal information from somebody and impersonating that person.
- Sharing copyrighted files/information: This involves distributing copyright-protected files such as eBooks, computer programs, etc.
- Electronic funds transfer: This involves gaining unauthorized access to bank computer networks and making illegal fund transfers.
- Electronic money laundering: This involves the use of a computer to launder money.
- ATM Fraud: This involves intercepting ATM card details such as account numbers and PIN numbers. These details are then used to withdraw funds from the intercepted accounts.
- Denial of Service Attacks: This involves the use of computers in multiple locations to attack servers with a view to shutting them down.
- Spam: Sending unauthorized emails. These emails usually contain advertisements.
What is Ethical Hacking?
Ethical Hacking is identifying weaknesses in computer systems and/or computer networks and coming up with countermeasures that address those weaknesses. Ethical hackers must abide by the following rules.
- Get written permission from the owner of the computer system and/or computer network before hacking.
- Protect the privacy of the organization being hacked.
- Transparently report all the identified weaknesses in the computer system to the organization.
- Inform hardware and software vendors of the identified weaknesses.
Why Ethical Hacking?
Information is one of the most valuable assets of an organization. Keeping information secure can protect an organization’s image and save the organization a lot of money.
Hacking can lead to loss of business for organizations that deal in finance, such as PayPal. Ethical hacking puts them a step ahead of the cybercriminals who would otherwise cause loss of business.
The Legality of Ethical Hacking
Ethical Hacking is legal if the hacker abides by the rules stipulated in the above section on the definition of ethical hacking. The International Council of E-Commerce Consultants (EC-Council) provides a certification program that tests an individual’s skills. Those who pass the examination are awarded certificates. The certificates are supposed to be renewed after some time.
Summary
- Hacking is identifying and exploiting weaknesses in computer systems and/or computer networks.
- Cybercrime is committing a crime with the aid of computers and information technology infrastructure.
- Ethical Hacking is about improving the security of computer systems and/or computer networks.
- Ethical Hacking is legal.