Hacking Terminology & Tools Explained
#1
Color codes:
  • Yellow = name

  • Yellow bold = link

  • Orange bold = bold text or comment/note

  • Blue = path

  • Green = edit

  • Purple = file extension
Hello Vigilante! As we all know, our forum is growing and I'm pretty sure that there are a bunch of people that are willing to learn about the art of hacking. This tutorial is for those who are new in this 'industry' and are willing to gain more general knowledge about hacking, what kind of hackers exist, their classifications, what R.A.T or Botnet stands for etc. I frankly believe that after reading this tutorial, you will make the right decision, in which class you want to belong to and what you are gonna aim for. So let's get started!

Classifying Hackers

I'm pretty sure that you all have heard about white and black hat hackers and you probably know what they do, what their 'job' is and so on. Apart from that, there exist Neophytes, Blue hat hackers, Script Kiddies and others that have their own definitions in the hacking industry. Let's start with the most common: white and black hat hackers.
 
White hat hacker

A white hat hacker, also known as an ethical hacker, is a computer security specialist and security researcher, whose main job is to break protected systems/networks for non-malicious reasons to get those 'holes' patched. They mostly get hired by companies that are willing to improve their security. With their mind and skills they help companies such as Facebook, Google, Instagram etc. to improve their security system by finding random vulnerabilities in the system before any black hat hacker detects and exploits them.

Black hat hacker

Apart from white hat hackers, being a black hat hacker simply makes you a criminal, since their job is to breach and bypass internet security and utilize whatever exploits they have to their advantage. Their hacks may be performed for personal financial gain or any other reason. They mostly aim to inflict major damage on large organisations or on random people, such as stealing their personal information, shutting down websites and networks, blackmailing companies, spreading their viruses over the network, performing DDoS attacks and so on.

Grey hat hacker

A grey hat hacker is somewhere in the middle, being a white and black hat hacker at the same time. For example, when a grey hat hacker discovers a vulnerability in a website or security system, instead of explaining how the exploit works to the vendor, the grey hat hacker offers to repair it for a big or small fee. Or, when the grey hat hacker gains illegal access to a system/network, they inform the owners that they exploited a bug without repairing it. There's another definition of grey hat hacker, which is that GHHs legally break into security systems to research and improve a company's defense.

Now that we're finished with classifying the most common types of hackers, let's move on to common hacking methods and why they are so meaningful for hackers.

Botnets

A botnet, also known as a "Zombie Army", is a number of computers that are connected online, and all those computers are being commanded by one person who we can consider as their 'Boss'. What can we do with botnets and why are they extremely dangerous? First of all, let's all imagine a farm area that we own, where we planted tomatoes and it's time to harvest. Let's say that if we work alone it would take us approximately 5 days to completely harvest our whole farm. If we hire some workers it will be a lot easier as a few people start to work on the same thing, so instead of 5 days the time will be reduced to 3, for example. By means of botnets, people perform Distributed Denial-of-Service (DDoS) attacks on a website, for example, which can be closed down by having to handle so much traffic at the same time that the website can't really afford it.

There are two common methods that hackers use to infect your PC and make it part of a botnet system: downloading random infected files from a website, or being infected from e-mail. If a hacker decides to infect computers from a website, then the attacker should find a popular website that has an exploitable vulnerability. After finding it, the hacker embeds his malicious code on the site. After you visit the exploited website, the embedded code will automatically transfer you to another site that is owned by the attacker, from where the botnet virus will be downloaded and installed in your operating system automatically without you even noticing it. Infecting someone with an e-mail is when hackers send you an e-mail that includes either a file (Word document, PDF file) that has malicious code inside of it or an infected link that has botnet code nested inside. Being trapped by one of those two methods will automatically make you a part of the botnet world. After you become a part of a botnet, the attacker has full access to your PC, which means that the hacker is able to remotely command your machine and perform random attacks.

Internet Relay Chat

Internet Relay Chat, also known as IRC, is a way of communicating with people from all over the world using the internet in real time. In order to chat with any other IRC user, you must either have an IRC client or a web interface that simply connects you to Internet Relay Chat servers. Using IRC allows you to meet people on 'channels', which allow you to talk in groups or talk privately. There's no restriction on the number of people that can participate in a given channel, or the number of channels that can be formed on IRC. Why is it important to a hacker? Because Internet Relay Chat connections are usually not encrypted and typically span long time periods, which means that they're an attractive target for hackers.

Remote Administration Tool (RAT)

Probably all of you have heard about the Remote Administration Tool and what exactly it can do, but let's expand its definition. A Remote Administration Tool, also known as a RAT, is software that gives a person full control of a technical device remotely, which means that once your computer is infected with a RAT, a remote "operator" is able to control your operating system fully. The operator controls the infected computer through a network connection.

How do people get infected with a RAT? There are a few common methods that hackers use, but in order to get infected, the victim should open a file that is called a stub, which can be attached to an e-mail, could be sent through P2P (peer-to-peer) sharing software or could be uploaded on a random website or even in torrents. This tool allows you to:
  • Capture the victim's screen/camera
  • File management (allowing the operator to download/upload/execute random files from/in your operating system)
  • Shell control (performed from the command prompt)
  • Computer control (allowing the operator to turn off/on your PC, freeze/block your screen or keyboard/mouse)
  • Registry management (can easily add/delete or modify your registry the way the operator wants to)
  • Other (depends on which RAT the operator is using and what opportunities that RAT can offer)

Keyloggers

A keylogger, also known as keystroke logging, is a piece of software and a very useful method that logs every single key you press on your keyboard. It can save your personal messages, passwords, account names, credit card numbers and everything that you can possibly type on your keyboard. The hacker gathers the user's unique information through the victim's internet connection without his/her even knowing about the infection. There are a few types of keyloggers that usually exist and are in use.
  • Software-based keyloggers
    - These kinds of keyloggers usually work on the target computer's software. They are mostly used in IT organisations for troubleshooting technical problems with computers and business networks.
  • Kernel-based
    - These obtain root access to hide themselves in the OS and save every single keystroke that passes through the kernel. Kernel-based keyloggers are hard to write and to combat as well.
  • API-based
    - API keyloggers hook keyboard APIs inside a running application. The keylogger registers keystroke events as if it was a normal piece of the application instead of malware. The keylogger receives an event every time the victim uses or releases a key.

Brute-Forces

Brute-force, also known as brute-force cracking, is a method that allows a user to decode encrypted data such as passwords or Data Encryption Standard (DES) keys. In general, crackers are meant to test network security, but they are used for malicious attacks.

What can brute-forcing do? This 'machine' simply attempts all the possibilities of all the letters/numbers/special characters, and with this method hackers are able to try millions of combinations within minutes. So let's all imagine you have a gaming account that is well-secured. For a hacker it would be a lot harder and would take more effort to try all possible passwords one by one, and after a few unsuccessful attempts the site just blocks you. In order to save time, hackers use the brute-forcing method and they test millions of combinations in no time.

Strong hashing algorithms can slow down brute-force attacks. Hashing algorithms perform additional mathematical work on the password and encrypt your data. If a slow hashing algorithm is used on your data, then it will require thousands of times as much mathematical work to try each password, which critically slows brute-force attacks. There are a few methods that hackers use for brute-forcing:
  • The Central Processing Unit, also known as the CPU, is the part of the computer that performs the will of the software loaded on the computer. It's the main executive for the entire machine. It is the master that tells all the parts of the computer what to do - in accordance with the program code of the software, and, hopefully, the will of the user. But in cracking it is slow to use, as it has from 4 to 32 cores nested inside. A CPU core can execute 3 32-bit instructions per clock.

  • The Graphics Processing Unit, known as the GPU, is very different. Yes, a GPU can do math, and can also do "this" and "that" based on specific conditions. Its cores depend on which GPU card you are using. For example, the Radeon HD 5970 can execute 3200 32-bit instructions per clock.

Doxing

Doxing, or doxxing, is the Internet-based practice of researching and broadcasting private information about an individual or, simply, an organisation. This method allows you to research information from publicly available databases and social media such as Facebook/Twitter. Hackers can harvest information online about an individual. Media sites such as Facebook can hand us information about their visual appearance (by sharing their photos); we can also see their place of employment, phone numbers and email addresses. It is also possible to find a person's name or home address by having their cell-phone number. Mostly hackers use services such as reverse phone lookup; there are other doxing methods as well to harvest a victim's information. These may include searching for someone by domain name or locating their residence based on the victim's current IP address.

Why is doxxing so meaningful for hackers? Once they harvest all the useful information they're looking for, they can simply complete fake signups on random websites, ship something from the website by using their information and so on.


Virtual Private Network and Virtual Private Servers (VPN/VPS)

Virtual Private Network

VPN is a short term for Virtual Private Network. A VPN is a common method that is used to add security and privacy to public and private networks, for example Wi-Fi hotspots and the internet. VPNs are mostly used by companies and corporations that are willing to protect their data. As mentioned already, a Virtual Private Network (VPN) is designed to provide a secure, encrypted "tunnel" in which we transmit some type of data between a remote user and the company's network. While the information is transmitted between the two, it is impossible for it to be read by anyone else, because those systems contain several types of elements that secure the company's private network and the outside network. The most common security method is using a firewall between the client and the host server, which makes the remote user establish a connection with the firewall first. Encryption is an important component of a secure VPN. By encrypting your data, you secure your files and allow only you and the data receiver to decrypt and read the data.

There are three main network protocols that are used with VPN. 
IPSec - A set of protocols developed by the IETF which supports secure exchanges of packets at the IP layer. IPSec supports two encryption types: Transport and Tunnel.

PPTP - PPTP, also known as Point-to-Point Tunneling Protocol, was developed by Microsoft, U.S. Robotics and several other remote access companies. This protocol is used to create a Virtual Private Network.

L2TP - Layer 2 (Two) Tunneling Protocol is an extension of the PPTP protocol that allows an ISP (Internet Service Provider) to operate Virtual Private Networks.


Virtual Private Server

I think all of you have heard about VPS (Virtual Private Server), but let's expand your knowledge. A Virtual Private Server or Virtual Dedicated Server (VDS) allows you to install virtual machines on one computer, so you're able to operate multiple hosting servers virtually with a single server. Each virtual machine (VM) runs its own operating system (OS) such as Linux, Windows, Mac OSX etc. Each virtual machine makes you feel like you own an entire computer, as you can determine how much RAM each VM should use, what kind of OS should be installed and so on. In my personal experience I mostly use virtual servers to enlighten myself; what I mean is that I run several operating systems to get to know them. I train with Kali, which is one of the most-used "hacking" operating systems and has hacking toolkits nested inside. By using VMs you're making your own laboratory. The operating systems in VMs are called "guest operating systems" and they communicate with the hardware via a virtual machine monitor (VMM).

Proxy or Proxy Server

A proxy, or proxy server, is a computer that sits between a client computer and the internet and provides network services to a client. A proxy server works by intercepting connections between sender and receiver. All incoming data enters through one port and is forwarded to the rest of the network using another port. By blocking direct access between two networks, proxy servers make it more difficult for hackers to get internal addresses and details of a private network.

Proxy servers are used for several reasons. If a proxy is used as a caching web proxy, then it improves the performance of a web response. When any kind of request is made by a client, the caching proxy returns the response directly from its cache if that document already exists. If not, it makes a request to the real server to retrieve that file and saves it in its cache for later use. An anonymous proxy server is another type of web proxy that helps users to anonymize their activities online. These types of proxy servers direct user requests to a destination server, which unfortunately has no idea where that request is coming from. Only the proxy knows and is aware of the source of the request, including the user's IP address and location.

Common types of Proxy servers

Proxy servers are divided into several types and each of them has its own purpose and functionality. So let's start classifying proxies!

Web Proxy - The most widely known type of proxy, which responds to the user's request by accessing resources from web pages and files that are available on remote web servers. This one facilitates quick and reliable access to data for local network clients. If the requested resource is not found in the cache, then a web proxy fetches the file from the remote server and automatically saves a copy in the cache before it gets returned to the client.

Transparent Proxy - Mostly used for caching websites and overcoming simple IP bans. These proxies do not provide any user anonymity, and the user's original IP address is not hidden and is exposed.

Anonymous Proxy - Same as transparent proxies. Does not hide the user's original IP address. Anonymous proxy users are easily detectable.

Open Proxy - Open proxies are accessible by any internet user, as they are allowed to receive and return requests from any computer. Anonymous open proxies are used for user anonymity, to hide/conceal the original IP address.

SOCKETS (SOCKS)

SOCKS, or SOCKETS, is an internet protocol that allows client-server applications to transparently use the services of a network firewall. A SOCKS proxy transfers all its data from a client to a server, without adding anything external. The anonymity of this type of proxy server is really absolute. There are two known and most used versions of the SOCKS protocol, named SOCKS4 and SOCKS5. The difference between those two is that SOCKS5 proxies support UDP, extend the framework to include provisions for generalized strong authentication schemes, and extend the addressing scheme to encompass domain names and V6-type IP addresses.

Cryptography and meaning of Encryption/Decryption

Cryptography - The art of protecting information by encrypting it into an unreadable format which is called cipher text. Only those people who possess a secret key are able to decrypt (or decipher) the message/text into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called codebreaking. Most modern cryptography techniques are virtually unbreakable. Cryptography includes techniques such as microdots, merging words with images and other different ways to hide personal information in storage. People who study/practice in this field are known as cryptographers.
Modern cryptography concerns itself with the following four objectives:
1) Confidentiality - The information cannot be understood by anyone
2) Integrity - The information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected
3) Non-repudiation - The creator/sender of the cryptograph cannot deny at a later stage his or her intentions in the creation or transmission of the information.
4) Authentication - The sender and receiver must confirm each other's identity and the origin and destination of that information.

Did you know that cryptography was first used in 2000 B.C. by Egyptians? But the first known use of a modern cryptography was by Julius Caesar, who did not trust his couriers when communicating with his allies. For safety, he created a system in which each character in his messages was replaced by a character three positions ahead of it in the Roman alphabet.
So if Julius Caesar had to send the message "Hello", he would encrypt it as "KHOOR" and only the receiver would know how to decrypt this phrase.

Encryption - Translating your data into a secret code. Encryption is the most effective way to secure your data. In order to read an encrypted file, you must have access to a secret key or password, or should know how the current text is encrypted and what method is used. There's a lot of information that companies don't want to share, such as:
  • Credit-card information
  • Social Security numbers
  • Bank account information
  • Personal details

Decryption - Translating your encrypted data back to normal.



That was all for now my friends! Thank you for taking time and reading this, some of you enlightened themselves as well! Huge shout out to @Jurij who helped me to modify this thread! Go check him out as well!
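
The Brute-Forces section of the tutorial above says that slow hashing and blocking after a few failed attempts both hinder password guessing. The Python sketch below is an added example, not part of the original post; the iteration count, the lockout threshold and every name in it (`hash_password`, `LoginGuard`, the sample account) are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import time

SLOW_ITERATIONS = 200_000  # assumed work factor; tune to your own hardware
MAX_FAILURES = 5           # assumed lockout threshold


def hash_password(password, iterations=SLOW_ITERATIONS):
    """Return a storable record: random salt, work factor, derived key."""
    salt = os.urandom(16)  # unique per user, so one guess tests one account
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "key": key}


def verify_password(password, record):
    """Re-derive the key and compare in constant time."""
    key = hashlib.pbkdf2_hmac("sha256", password.encode(),
                              record["salt"], record["iterations"])
    return hmac.compare_digest(key, record["key"])


def seconds_per_guess(iterations):
    """Time one key derivation, i.e. the cost of checking one candidate."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"candidate", b"constructed-salt", iterations)
    return time.perf_counter() - start


class LoginGuard:
    """Online defence: stop accepting attempts after repeated failures."""

    def __init__(self, max_failures=MAX_FAILURES):
        self.max_failures = max_failures
        self.records = {}
        self.failures = {}

    def register(self, user, password):
        self.records[user] = hash_password(password)
        self.failures[user] = 0

    def login(self, user, password):
        if user not in self.records:
            return "denied"
        if self.failures[user] >= self.max_failures:
            return "locked"  # even the correct password is refused now
        if verify_password(password, self.records[user]):
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        return "denied"


if __name__ == "__main__":
    fast, slow = seconds_per_guess(1), seconds_per_guess(SLOW_ITERATIONS)
    print(f"1 iteration: {fast:.6f}s  {SLOW_ITERATIONS} iterations: {slow:.6f}s")
    guard = LoginGuard()
    guard.register("alice", "constructed-sample-passphrase")
    print([guard.login("alice", f"guess{i}") for i in range(6)])
```

The per-user salt and the iteration count address guessing against a stolen password database, while the failure counter addresses guessing against the live login form; a real deployment would also expire or reset the lock.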
#2
Quite an informative thread, thank you for sharing.

I'm glad somebody was able to help you out with the formatting - I can take my time with releasing it...heh Hat Tip

Looking forward to future contributions from you.
#3
oh come on you didn't apply color codes to the rest of the text

you lazy bum lol
#4
This is certainly of help to those new to the scene of hacking and its entities.

A job well done.
#5
Well done, this is pretty well organized. While the content is rather simple, the value to a beginner is enormous. It's hard to search when you don't know what you're looking for.
#6
@Baredee
@Albus

Thank you both for your positive replies. Will do my best in future!