IEEE International Conference on Power, Control, Signals and Instrumentation Engineering (ICPCSI-2017)
Ethical Hacking: The Need for Cyber Security
Sonali Patil Ankur Jangra Mandar Bhale
Associate Professor Computer Department Computer Department
Computer Department PCCOE, Pune PCCOE,Pune
PCCOE,Pune
Abstract—Hacking is basically expertise in any field. Hackers
are classified as per working and as per knowledge. The ethical
hackers come under white hat hackers. Ethical hackers use
hacking techniques in order to provide security. They are legally
authorized hackers. Various tools are used in order to carry out
hacking. The most common hacking technique used is phishing.
Since, there is a rapid growth in the number of attack, there is a
need for people to learn ethical hacking concepts to secure
themselves.
Keywords—Hacking; White hat Hackers; Ethical Hackers;
Phishing;
1.INTRODUCTION
Ethical hacking also known as penetration testing or white
hat hacking, involves the same tools, tricks, and techniques
that hackers use, but with one major difference that Ethical
hacking is legal. Ethical hacking is performed with the target’s
authorization. The intent of ethical hacking is to find out
vulnerabilities from a hacker’s viewpoint so systems can be
better secured. It’s part of an overall information risk
management program that gives the permission for ongoing
security enhancements.
Security is the condition of being protected in opposition to
danger or loss. In the case of networks, it is also called the
information security. Computer security is required because
most organizations can be damaged by antagonistic software
or intruders. There may be several forms of damage which are
interrelated which are produced by the intruders.
Types of Hackers:
1) As per working
x White Hat Hackers
x Black Hat Hackers
x Grey Hat Hackers
x Hactivists
x State Sponsored Hackers
x Suicide Hackers
2) As per knowledge
x Script Kiddies
x Admins
x Coders
NEED FOR ETHICAL HACKING:
The technology of internet of things is growing at rapid rate.
Things are getting connected to internet and the only way to
978-1-5386-0814-2/17/$31.00 ©2017 IEEE
1602
Akshay Raina Pratik Kulkarni
Computer Department Computer Department
PCCOE,Pune PCCOE,Pune
secure them is keeping secret password for each. The users
feel once they have set a strong password, they are completely
secured whereas they are aware of the darker part of this
internet. People with intentions to hurt, steal or harm in any of
the way called as the Hackers (crackers) constitute the darker
part of this web. They intrude into the system using certain
techniques. So, here comes the role of Ethical Hacker, the
good ones. To stay secure from getting hacked most basic
strategy would be to learn to think like a hacker. How the
hacker carry out hacking, what tools and techniques are used
by them. An ethical hacker does the same. He/She knows how
a hacker can intrude into his/her system, so all the existing
vulnerabilities in his/her system are scanned and removed. A
user study by Garfinkel and Miller[1], states that many users
may still be vulnerable inspite of having strong passwords.
The future is life bounded in internet hence, security is the
most important factor to be taken care of. This is why people
should learn ethical hacking.
2. ETHICAL HACKING
Who is an Ethical Hacker?
An ethical hacker is a white hat hacker who does hacking for
some good cause(like securing any organization ). Ethical
hackers basically are the good people. They have legal
authorization to intrude into other's system. The ethical
hackers scan the ports, websites and find the vulnerabilities
through which a cracker can attack.
The attacks could be easily done once the vulnerabilities for
any system is known. To be secured in this world of internet,
you must know how a hacker(cracker) can intrude into your
system
Learning the concepts of hacking and applying them for
securing any system, organization or for any good cause is
what defines ETHICAL HACKING.
The Fig.1 explains the steps for carrying out ethical hacking
which consists of 5 blocks –
1) Reconnaissance
2) Scanning and Enumeration
3) Gaining Access
4) Maintaining Access
5) Clearing Tracks
 IEEE International Conference on Power, Control, Signals and Instrumentation Engineering (ICPCSI-2017)
Fig.1.Steps of Ethical Hacking
2.1 Reconnaissance[2]
Reconnaissance is a set of processes and techniques used to
secretly discover and collect information about a target
system.
During reconnaissance, an ethical hacker attempts to collect as
much information about a target system as possible, following
the seven steps listed below −
x Gather preliminary information
x Identifying active machines
x Determine open ports and access points
x OS fingerprinting
x Reveal all the services on ports
x Network mapping
2.2 Scanning and Enumeration
The second step of ethical hacking and penetration testing
involves two terms that is scanning and enumeration.
Scanning is a common technique used by a pen tester to
discover the open doors. Scanning is used to find out the
vulnerabilities in the services running on a port. During this
process you have to find out the alive host, operating systems
involved, firewalls, intrusion detection systems,
servers/services, perimeter devices, routing and general
network topology (physical layout of network), that are part of
the target organization.
Enumeration is the initial attack on target network.
Enumeration is the process to gather the information about a
target machine by actively connecting to it.
2.3. Gaining Access
Once the reconnaissance is done and all the vulnerabilities are
scanned, the hacker then tries to gain the access with the help
1603
of certain tools and techniques.
It basically focuses on the password retrieval. For this hacker
can either use bypassing techniques(like using konboot) or
password cracking techniques (like pwdump7).
2.4 Maintaining access
Once an attacker has gained the access of the targeted
system, he/she can exploit both the system and its resources
and furthermore use the system as a launch pad to scan and
harm other systems, or he/she can keep a low profile and
continue exploiting the system without the actual user noticing
all these acts. Both these actions can destroy the organization
leading to a catastrophe. Rootkits gain access at the operating
system level while a Trojan horse gains access at the
application level. Attackers can use Trojan horses to transfer
user names, passwords, and even credit card information
stored on the system.
Organizations can use intrusion detection systems or deploy
honeypots to detect intruders. The latter though is not
recommended unless the organization has the required security
professionals to leverage the concept of protection.
2.5 Clearing Tracks
An attacker needs to destroy evidence of his presence and
activities for several reasons like evading detection and further
punishment for the intrusion. Erasing evidence often known as
‘clearing tracks’ is a requirement for any attacker who wants
to remain obscure and evade trace back. This step usually
starts by erasing the contaminated logins or any other possible
error messages that may have been generated on the victims
system from the attack process. For instance, a buffer
overflow attack usually leaves a message in the system logs
which needs to be cleared. Next, attention is turned to
affecting changes so that future logins are not logged.
The first thing a system administrator does to monitor the
unusual activity happening in the system is by checking all
the system log files, it is important for intruders to use a utility
to modify the system logs so that they cannot be traced by the
administrator. It is important for attackers to make the system
look like it did before they gained access and established
backdoors for their use. Any files that were modified need to
be changed back to their original attributes so that there is no
doubt in administrators mind that the system has been
intruded.
An attacker can use the system as a cover to launch fresh
attacks against other systems or use it as a means of getting to
another system on the network without being detected. Thus,
this phase of attack can turn into a new cycle of attack by
using the five steps all over again.
3. TOOLS
Table 1:Tools used for Reconnaissance:
Tool OS Descripton
Gives all the basic
Supported by
Google information available
all
regarding the website.
 IEEE International Conference on Power, Control, Signals and Instrumentation Engineering (ICPCSI-2017)

lookup tool allows using the analysis of

you to search for the network.
Linux,Window domain name
s and availability and all the Table 3:Tools used for Gaining access:
Whois Lookup MacOS(using information of the Tools OS Description
website),Fedor host such
John the Ripper,
a as ownership info, IP
mostly just referred to
address history,traffic
as simply, 'John' is a
etc. Unix,
popular password
a network utility Windows,
John The Ripper cracking penetration
program used to DOS,MacOS,
testing tool that is most
obtain information OpenVMS
commonly used to
regarding Internet
carry out dictionary
servers.
attacks.
WindowsOS, As the name suggests,
Wireshark efficiently
NSLookup MacOS,Linux, the utility finds all the
captures data packets
Solaris name server Linux,MacOS,
in a network in real
information for BSD,
Wireshark time and then displays
domains by Solaris,Micros
the data about the
querying the Domain oft Windows.
packets travelling in
Name
human-readable format
System (DNS).
Linux,MacOS, BSD,
WindowsOS,
KonBoot Solaris,Microsoft
Table 2:Tools used for Scanning: MacOS
Windows.
Tool OS Description Pwdump7 is the
used to check that the program that yield
AIX,Linux,
host computer the user the LM and NLTM pas
Windows,HP- Microsoft
Ping is trying to locate is pwdump7 sword hashes of local
UX,Solaris,Ma Windows
alive and can accept user accounts from
cOS,SunOS
the requests. the Security Account
MacOS,Windo a network diagonistic Manager(SAM).
ws, tool used to determine Aircrack is one of the
Tracert Linux,FreeBS the path the packet has most popular wireless
D, taken from one IP passwords cracking
WindowsNT to other. tools which you can
Nmap is an MacOS,Unix, use for 802.11a/b/g
Linux, Micros abbreviation of Aircrack Linux,OpenBS WEP and WPA
oft Windows, 'Network Mapper', and D,HP-UX cracking. Aircrack
OpenBSD, Sol it is a well known free uses the best
Nmap aris, open source hackers algorithms to recover
IRIX, Mac OS tool. Nmap is mainly wireless passwords by
X, HP-UX,Sun used for network capturing packets
OS discovery and security Fluxion is the future—
auditing a blend of technical
Linux, Micros and social engineering
oft Windows, automation that tricks
There's a GUI version All Linux
OpenBSD, Sol Fluxion the victim into handing
of Nmap called Distributions.
Zenmap aris, over the Wi-Fi
'Zenmap' used for the
IRIX, Mac OS password to the
network diaganostics.
X, HP-UX,Sun attacker in a matter of
OS keystrokes.
Nikto is an Open Cain and Abel is a tool
AIX,Linux,Wi Source (GPL) web to recover (i.e. 'crack')
Nikto Website
ndows,HP-UX server scanner which many types of
Vulnerability
,Solaris,MacO is able to scan and passwords using
Scanner Microsoft
S,SunOS detect web servers for Cain & Abel methods such as
Windows
vulnerabilities. network packet
Netcraft provides sniffing and by using
internet security the tool to crack
Ubuntu,Fedora
services including password hashes.
Netcraft ,
anti-fraud and anti-
Solaris
phishing services,
application testing

1604
 IEEE International Conference on Power, Control, Signals and Instrumentation Engineering (ICPCSI-2017)

Table 4:Tools used for Maintaining Access:

Tools OS Description
Metasploit is a cyber
security framework that
provides the user with
vital information
Metasploit Ubuntu,Windo regarding known
Penetration wsOS,Redhat, security vulnerabilities
Testing Software MacOS and helps to formulate
penetration testing
plans, strategies and
methodologies for
exploitation.
Beast is a example of
trojan horse used to
create backdoors, more
Microsoft commonly known in
Beast
Windows the hacking community
as a Remote
Administration Tool or
a "RAT"
Cain and Abel is a tool
to recover many types
of passwords using
Microsoft methods such as
Cain & Abel
Windows network packet sniffing
and by means of the Fig.2 Process of Phishing attack[4]
tool to crack password
hashes.
The above fig.2 shows the process of phishing attack. The attack is
basically done using a fake page which is similar to the trusty
Table 5:Tools for Clearing Tracks: webpage. The attacker send the fake page link via email. This
includes the fake mailing process. Once the user clicks on the fake
Tools OS Description page link and login using his/her credentials, which directly reaches
Metasploit is a cyber the attacker and the user is phished.
security framework that
provides the user with
vital information
Metasploit Ubuntu,Wind regarding known
Penetration owsOS,Redha security vulnerabilities
Testing Software t,MacOS and helps to formulate
penetration testing
plans, strategies and
methodologies for
exploitation.
Forensic tool to delete
OSForensics Windows the log files and registry
files.

4. COMMON HACKING TECHNIQUE

Phishing[3]:

Phishing is a form of social engineering in which an attacker

tries to fraudulently acquire sensitive information from a victim by
impersonating a reliable third party.
It is worth noting that the phishers are getting smarter. Observing the
trends in other online crimes, it is inevitable that future phishing
attacks will incorporate greater elements of context to become more
effective and thus more hazardous for society.
Fig.3. Various types of attacks
Phishing attacks take benefit of both technical and social
vulnerabilities, there is a large number of different attacks; an
excellent overview of the most commonly occurring attacks and
counter measures can be found in [5].

1605
 IEEE International Conference on Power, Control, Signals and Instrumentation Engineering (ICPCSI-2017)

5. CONCLUSION
[2]. website:https://www.tutorialspoint.com/ethical_hacking/ethical_ha
cking_reconnaissance.html
Ethical hacking must be practiced. It requires basic knowledge of
networks and cyber security. This paper collaborates most of the [3]. Tom Jagatic, Nathaniel Johnson, Markus Jakobsson, and Filippo
basic terminologies related to ethical hacking. It gives a brief Menczer. Social Phishing. Magazine Communications of the
information about who an ethical hacker is, and why there's a need ACM
for world to learn it. It also describes how hacking is carried out and
[4]. Website:http://www.digit.in/technology-guides/fasttrack-to-cyber-
what are the different tools and technologies used.
crime/the-12-types-of-cyber-crime.html
Thus, this paper gives a basic understanding in context of ethical
hacking. [5]. Aaron Emigh. Online identity theft: Phishing technology,
chokepoints and countermeasures. ITTC Report on Online Identity
Theft Technology and Counter measures; http://www.anti-
6. REFERENCES phishing.org/Phishing-dhs-report.pdf, October 2005.
[1]. Simson Garfinkel and Robert Miller. Johnny 2: A user
test of key continuity management with s/mime and outlook
express. Symposium on Usable Privacy and Security (SOUPS
2005), July 6-8, 2005, Pittsburgh, PA.

1606