Hackers, Methods, and Tools
To protect your safety, you need to identify the people who are threatening it. Who is the hacker, what methods do they use, and what tools do they have? I tried to summarize in this article a lot of things you wonder about the contrary children of the computer world.
The internet is the world’s fastest growing information ocean. We need internets to see our work, do our homework, get information and have fun. Every day millions of people dive into this vast ocean of knowledge. Only a few of the millions of computers that make up this global network are aware of the Internet threats, and few are striving to recognize the threats and take precautions. We all have access to the main objective knowledge that connects to the internete. But there are others who believe in the “freedom of information access” in the depths of the information ocean. They were also before the Internet, they will exist in the future; Hackers …
Who is the hacker?
Everyone who is a little bit confused with computers and the internet has a “hacker” definition in their heads. Hackers are often represented on the media as destructive, malicious computer users. Do you really think it is? Hackers are even children of the computer world. They are people with extraordinary ability and extraordinary intelligence on computers. Contrary to popular belief, hackers do not simply mean “hacking”. There are two common hacker definitions accepted today. The latter deals with computer programming and the second deals with computer security …
The first definition was made by Eric Steven Raymond, author of the famous hacker dictionary, the Jargon File. According to him, unlike most users who prefer to get only as much information about programmable systems as needed, the person who likes to examine system details and develops system capabilities is called “hacker”. This definition has a completely positive meaning to the concept of hacker. From this point of view, hackers are highly talented and productive programmers. In terms of programming, “hacking” refers to uncovering unknown secrets of a system or reprogramming the system to serve a specific purpose. For programmer hackers, hacking is “bringing a functional solution to a programming problem, even if it is fast and non-compliant”. According to Raymond, those who damage computer systems are called “crackers”, not hackers. Raymond defines the difference as follows: “Hackers do something, crackers break them …”
Programmer hackers include Linux creator Linus Torvalds, GNU project leader Richard Stallman, and Microsoft’s founder Bill Gates. When this definition is taken into consideration, it seems that hackers are not very interesting and mysterious people. However, with the influence of the media, the use of this classical hacker definition has gradually decreased
If you are a second hacker, computer security is covered. Computer systems are called hackers who have superior knowledge and skill, who provide unauthorized access to systems with special tactics. We are sure that this definition is more familiar to you. I will address the second definition when I use the term “hacker” because the issues are related to computer security. Hackers believe in the freedom of free access to information. Their danger comes from attacking and infiltrating your system to get the information they want. According to Hackers, the more mathematicians you know, the more likely you are to make a second hack. So the primary purpose for them is not to break down security systems, access protected information. Real hackers like to take risks. The higher the security of the system in front of them, the more pleasure they get from breaking it. A newly introduced security system is a new competitor for them. Hackers change their ages. They are generally programming-savvy and are as intelligent as they are to stay out of sight. Hackers do not like to boast about success. They usually work behind the scenes and care about privacy.
Despite privacy requirements, not all hackers work alone. They form hacker groups among themselves. But even within these groups, privacy is prevalent, members may not even know each other’s names. Hacker is not a person we can call “normal” in general. Hacker’s most powerful weapon is intelligence. A hacker has more practical thinking and decision making skills than a normal person; He did not think the same thing with anyone who made him a hacker anyway. Hackers are often somewhat disconnected from social life because of their commitment to their computers. Although the same thing is not true for all hackers, they do not like talking and traveling too much. Friend circles are not very wide.
Hackers working in the security field have a mysterious airflow for the work they do. The world of Hackers has been a big curiosity for anyone who is curious about computers. Finding out that nothing actually looks like it might cause you to be frightened in the first place. You need to know how hackers work, what they can do, what tools they use, and how they are, so that you can protect and resist hackers. A promise of English philosopher Francis Bacon is very popular among hackers: “Knowledge is power …”
Hackers are divided into two according to their qualities and purpose: White ladies and Black ladies. In addition, for those who care about non-hacker Hackers, “Lamer” and “Script Kiddie” are used.
White hat (white hat)
White hat hackers are benevolent hackers who do not break security systems to harm them. White shafts can work with the company that produces the software to find the weak spots of a system. White shafts declare open to the company / person who developed the software before announcing to the public what they have detected in any system, give a reasonable time for the open closure and will not harm the system during this period. Then, in order to inform the public, we disclose details about this disclosure in various newsgroups and websites. We can say that white ladies are working for defensive purposes. These people are also called “ethical hackers”.
Black hat (black hat)
In black hat hackers, it’s the exact opposite of white ladies. By overcoming security systems without permission, they engage in damaging activities such as information theft, fraud, terrorism, and conscious destruction. They can be accessed remotely from a computer or by breaking a software. The black shampoos that break the software are called “crakcer”.
Gray hat (gray hat)
They are hackers circulating in the legality. The manager will guide the security policies by identifying weak spots and vulnerabilities of the systems they support.
Software hacker (cracker)
They are the people who break the copy protection of the software and use it without permission. Experts in programming may not have knowledge of network security.
They are people who are involved in hacking activities to express a social or political problem. Their aim is to announce something that is “bad” or “wrong” to them and to give a message to them. It should not be forgotten that whatever the purpose, it is guilty to unauthorized access to a computer system and such activities should not be supported.
A hacker is a person who has no knowledge of hacking, has a few words he has learned, and a few simple programs he has used in his hand. Lamellars are usually child-aged and are only intended to cause harm.
These are the most dangerous and most feared people, although they are not hackers. Script kiddies also like hackers like lamers, but unlike lamers, they have some information. Script kiddies often try to attack systems / people, damage them and use them for bad purposes. For them, piercing a security system is not the vehicle, but the goal. They can be described as anarchists of the hacker world. Simple attacks on home users are usually script kiddies. Playing your files and stealing your passwords on your PC is an entertainment source for them. Script kiddies use a variety of ready-made programs and tools that are easily found on the Internet. Written by others, read and practice the steps that tell how to do something one step at a time. They do not know how their programs work and can not understand the technical documentation. They try to harm as many computers as possible by using the programs in their hands. They have no real purpose other than to throw their friends at him, saying “I hacked X”. Script kiddies are mostly computer-curious high school students. Hacker aims to be popular by creating an image. That’s why they define themselves as hackers and boast of it. If someone says you are a hacker, you know that he is probably a script kiddie or lamer. They have no real purpose except to blow their friends by saying “I hacked X”. Script kiddies are mostly computer-curious high school students. Hacker aims to be popular by creating an image. That’s why they define themselves as hackers and boast of it. If someone says you are a hacker, you know that he is probably a script kiddie or lamer. They have no real purpose except to blow their friends by saying “I hated X.” Script kiddies are mostly computer-curious high school students. Hacker aims to be popular by creating an image. That’s why they define themselves as hackers and boast of it. If someone says you are a hacker, you know that he is probably a script kiddie or lamer.
They work on telephone networks, hacking phone systems and trying to make free calls. Classic phreakeres were sending various signals to the telephone line by preparing various electronic circuits. With the modernization of telephone networks, these methods are losing their reality. Modern phreakers are interested in detecting international free lines, breaking out answering machines and hacking VoIP services.
It is very difficult for a hacker who does not work on schedule to achieve success. Contrary to popular belief, hackers do not juggle computers, and they do not get in and out anytime. Systematic work is required to hack a system. This work can take the days and even the months of the hacker. Moreover, achieving a successful result is never guaranteed.
Black hackers’ attack plan consists of the following stages:
- Get preliminary information
- Gaining access
- Operating system or application level
- Network level
- Denial Of Service (DOS)
- Access from access
- Download program or data
- Program or upload / send data
- Make changes to / files in the system
- Do not destroy tracks
In the course of information acquisition, as much information as possible is collected about the target before attacking the target. At this stage, the company’s domain name registration is examined; operating details, accessible hosts (hosts), open ports, locations of the routers, operating system and services running on the system. So it’s like playing the door to find out who’s at home. It does not present a serious hazard.
Scanning is a pre-attack phase where the hacker scans the network or target system for information that is more useful to the business, using the information it receives in the first stage. In this stage, port scanners, dialers, open scanners, and so on. tools are used and the network map is removed. When a single vulnerability is found in the system, the hacker goes to the attack stage. For this reason, this stage is risky and should be identified and prevented as soon as possible by the person responsible for the safety of the system.
3. Winning the Interception
This stage is the actual attack phase. The hacker can exploit the system by using the appropriate exploit detected by the hacker or by typing on the LAN or locally, while you are online or offline, deceit or theft. The amount of damage that can occur at this stage may vary depending on the structure and configuration of the target system, the attacker’s skill, and the level of access obtained.
The hacker has infiltrated the system and it is now time to announce his own rule. At this stage, the hacker can harm the system. Some hackers block other exploits in the system and increase security, thereby preventing different hackers or system administrators from entering the system and ensuring that the system is only their own. The hacker can install a backdoor, rootkit or trojan horse to easily re-enter the system. At this stage, the hacker can change the system configuration by downloading files or programs from the system, sending information, modifying existing files
5.Deleting the Signs
Once the hacker has used the system for his own purposes, he / she must lose his / her identity in order not to be identified. This is to be able to stay in the intended system for longer periods of time (no action will be taken unless it is noticed), to reuse the resources at any time, to eliminate hacking delinquencies and to get rid of legal responsibility. There are methods such as encryption to delete tracks, use of interconnection (tunnel), change of log (log) files. As long as the hacker deletes the traces, he or she can benefit from that system for a very long time, or by using the system it has acquired, it can start to collect information about another system related to that system.
Hackers resort to a variety of utilities to achieve their goals. These tools can be used for every stage we mentioned above. Some of the tools that hackers use (such as information gathering tools) can be essentially harmless, even useful tools for a normal user. Some of them are malicious tools that are completely developed for hacking. Hacking tools are often distributed free of charge because they are developed by those who believe in freedom of information access. We even see that the majority of linux-based software is open-source, but we can not say the same thing for Windows-based ones. Now let’s recognize the tools used by hackers by separating them into categories.
Information gathering tools
Information gathering tools perform simple operations such as ping, whois, and traceroute. For example, a whois query can provide you with information about which host a website is hosted on, the IP address, the IP address of the e-mail server, and the contact information of the site owner. The ping command is used to tell if any computer on the internet is responding to you. Normally, when you send a computer ping command, the other party sends you a response so that the data communication speed between the two computers can be calculated. Traceroute shows what points on your computer are passing through to reach the target computer. A hacker can infiltrate one of those weak points to control data communication or data theft.
Port and Vulnerability scanners
Port and vulnerability scanning is the most effective way a hacker can use to gather information. Many services are constantly running on potential target computers (especially on servers). In order for these services to accept connections from outside, they have to open certain ports and listen. Since the default ports are often not changed, a hacker can easily figure out which port is being used by which program or service. Once the hacker has identified the programs / services running on the target system via the vulnerability scanners, he will start exploring possible exploits related to that program or service and any exploits that have not been upgraded. It will also be very easy to access the system through the exploits found.
Trojan Horses (Malicious Software)
You know the legend of the Trojan horse. Trojan city can not be conquered by any kind of fighting. Finally a wooden horse is built and filled with soldiers inside this horse. The horse is offered as a gift to the Trojans, and the soldiers who attain it after they enter the city provide Troy to be taken.
Trojans have been given this name because they have worked with a similar logic. A Trojan horse is a malicious programmer hidden in a program that appears to be normal and useful. When the user runs a file with a trojan (for example, a game opens, an image is displayed, or an error message appears that looks like the original), the backplane starts running the actual malicious program and executes some hidden actions that the user is unaware of. The Trojan usually runs a server application so that the attacker can access your computer from the outside. In addition, the trojan copies itself as a system file and automatically restarts each time the system is booted. This allows the hacker to connect to your computer at any time and perform various actions that the trojan allows.
Advanced trojans or malware provide more control over the computer; the person using it can control it as if you are sitting in front of your computer. Here are some things that can be done using a Trojan:
- Steal all your registered account information and passwords
- Access your files on your computer
- Download, modify, send, run files
- Be able to follow what you have written
- Do not see your screen
- Ability to record audio / video from your microphone and web cam if connected
- Turning your CD / DVD drive on and off (usually done for joke)
- Your printer can send output
- Monitoring, setting / changing your keyboard and mouse
- Attacking someone else over your computer
We told the script kiddies that they were enthusiastic young guys. Here the trojans offer them exactly that. They can infect various computers with trojans just for fun. This way you can easily retrieve your passwords from email, instant messaging software and social media tools, read your own writings to you, or just harm your system to satisfy your eGOs.
To get a trojan into the system, the target person usually has to be convicted and convicted through social engineering. The ways that Trojans can reach the target are:
- MSN Skype such as Skype, ICQ, IRC
- Social Media Tools, Facebook, Twitter etc …
- Email attachments
- Physical access (attacker using your PC)
- Explanations in Web browsers and e-mail software
- NetBIOS (file sharing)
- Fake programs
- Insecure sites and software
The simplest way to protect from Trojans is to use a good anti-virus program and firewall. Most anti-virus programs detect popular trojans instantly and disable them before they work.
Taking account information of an authorized person usually makes it easier for the hacker to reach its goal. A hacker with a valid account in hand can log in to the system using direct account information, without exploits or with different methods, and get the information he / she wants.
Passwords are crypted, not plain text, so they can not be easily captured. Various cryptographic functions have been developed to store passwords (and other important information). As an example, it is checked whether the “7lekiust” cipher is encrypted with MD5 method “061fd09716f00fed3a8866052db55a81”. As a result, backward processing can not be performed, so it is not possible to break this encryption immediately.
The hacker may have seized it in a database containing such coded passwords, or may simply be trying to break a web form that the user knows about. There are three ways to crack passwords:
Do not guess: you should not be surprised to find out that most users choose extremely weak passwords. qwerty, 12345,0000, date of birth and real name are some of the most used passwords.
Dictionary attack: Glossary attack exploits the tendency of people to select weak passwords. A file called a dictionary or word list consists of a list of thousands of or even millions of calves that may be passwords. For example, dictionary files such as place names, Turkish words can be easily found on the internet and downloaded to the password breaker programs. After getting the program list, they start to try each word one by one. Modern computers may try hundreds of passwords at the moment, which is why it is a very logical method.
Brute force: To try all possible codes is called brute force attack. Theoretically, every password can be broken with this method. But as long as the code is not short, this method is impractical because it can take many years to break a good password. A password of at least 10-12 characters, consisting of upper and lower case letters, numbers and special characters, is sufficient for today’s computers to not break easily.
Keystroke recorders are programs that secretly record everything you write. However, the capabilities of advanced key recorders are not limited to this. An advanced keystroke recorder may have the following features:
- Save your edits
- Save the web sites you entered
- Get a screenshot at regular intervals
- Save your e-mails and instantly send a copy to the attacker
- Do not keep your chat logs. etc…..
Keystroke recorders can only keep their records in a secret file on the target computer, or they can send copies of records to the attacker at regular intervals. These programs are often used to control password stealing, children or office workers. Advanced key recorders are usually fee-based and can be identified by anti-virus software as they are legitimate software.
Apart from the soft key recorders, there are also hardware key recorders. Everything written with the aid of a small hardware connected between the keyboard and the computer is recorded. The keystroke recorders are completely transparent, operate independently of the software and can not be recognized using software.
The Sniffer is literally “sniffy”. Sniffers follow “sniffing” data flowing over the network. The sniffer can be hardware or hardware that contains firmware or programmed firmware. Snifferers secretly examine network traffic and at this time they certainly do not interfere with traffic or make any changes, so it is very difficult to detect them. So what kind of data can be obtained with a sniffer? Protocols like Windows file sharing, telnet, POP3, HTTP, and FTP are extremely popular, but things are very simple and insecure. All the passwords you use in these protocols are sent to the server in plain text. Here, the account information you use when connecting to such a server can easily be captured with a sniffer.
I hope this article has informed you a little. It is impossible to summarize the Hacker and its methods in such a way, which is a topic that can contain books full of information, although I have not tried to tell about it.