A beginner’s guide to computer hacking, how to hack, internet skills, hacking techniques, and more!
Table Of Contents
Chapter 1 – What is Hacking?
Chapter 2 – Ethical Hacking 101
Chapter 3 – Hacking Basics
Chapter 4 – Network Hacking Basics
Chapter 5 – Hacking Your Own Windows Password
I’d like to express my gratitude and congratulations for downloading the book “Computer Hacking.”
This book is full of useful information on computer hacking and the skills needed to hack.
This book will walk you through the fundamentals of computer hacking and is geared toward novices. You’ll learn about the various forms of hacking, as well as the most common hacking methods and the various areas of a system that can be hacked.
This book is jam-packed with helpful hints and tactics that will help you start honing your computer hacking talents! You’ll learn some fundamental hacks that you can use right away, as well as tools that will help you with your hacking adventures.
Keep in mind that hacking should be done ethically. Only white hat hacking should be done, therefore remember to keep your morals in check as your hacking abilities progress!
Thank you again for taking the time to download this book; I hope you enjoy it!
Chapter 1 – What is Hacking?
Today, the term “hacker” has a negative connotation. You’ve probably heard stories of hackers hacking into computer systems and viewing or even stealing very sensitive and private data. Hacking has had an impact on millions of computer users throughout the world. Viruses, spyware, and other forms of malware that slow down, break into, or even cripple your computer system fall into this category.
Not all hackers are questionable and dishonest souls with nothing better to do with their lives. In truth, the term “hacker” had a highly good and constructive connotation at one time. A hacker is a person who enjoys tinkering with computers and other electronic devices. They appreciate figuring out how existing systems work and coming up with ways to make them better.
To put it another way, he used to be the guy tasked with figuring out how to make computers run quicker and more efficiently. In today’s world, a hacker is simply someone who steals computer data for personal gain. Nonetheless, there are good (white hat) and bad (black hat) hackers.
To catch a hacker, you’ll need a hacker, and the good news is that there are plenty of them on your side of the field. The goal of this book is to teach you the fundamentals of ethical hacking (the stuff that white hat hackers do). However, you’ll need to see what black hat hackers do in order to know what to look out for.
The final fact is that hacking is nothing more than a collection of computer abilities that can be utilized for good or evil. Whether a hacker is a white hat, or a black hat depends on how they apply those skills. Skills and tools are always neutral; it’s only when they’re employed for evil purposes that they turn bad.
What are the Objectives of Ethical Hacking?
If today’s hacking is focused on acquiring valuable information, ethical hacking is focused on identifying potential weak points in your computer system or network and securing them before the bad people (aka black hat hackers) use them against you. The goal of white hat hackers, also known as ethical hackers, is to conduct security checks and ensure that everything is secure.
This is also why some professional white hat hackers are referred to as penetration testers. One rule of thumb to assist distinguish penetration testing from malicious hacking is that white hat hackers have the owner’s permission to try to break the system’s security.
If the penetration testing is successful, the system owner will have a more secure computer or network system as a result of the procedure. After all of the penetration testing is accomplished, the ethical hacker, who is responsible for legal hacking, will offer security solutions and may even assist in their implementation.
Ethical hackers should aim to hack into a system (one that they have been granted permission to hack, specifically by the system’s owner), but they should do so in a non-destructive manner.
This means that, despite the fact that they hacked into the system, they should not interfere with
One of their objectives is to uncover as much vulnerability as possible. They should also be able to count them and report back to the owner of the hacked system. It is also their responsibility to demonstrate each vulnerability they find. This could include a demonstration or any other type of evidence they have.
Ethical hackers frequently report to the system’s owner, or at the very least to the component of a company’s management in charge of system security. They collaborate with the company to ensure that the integrity of their computer systems and data is maintained. Their ultimate goal is to implement the outcomes of their research and improve the system’s security.
Of course, there is a caveat to all of this. For starters, you can’t expect to cover all of your bases. It is impossible to expect any computer system or electronic system to be protected from all possible threats. The only method to do so is to disconnect your computer from the network, lock it up, and keep it away from any possible contact. Through that time, the data stored in your system will be useless to anyone.
No one, not even the strongest hacker on the planet, can anticipate every eventuality. In this interconnected world, there are far too many unknowns. John Chirillo went so far as to write a whole book about hacking techniques that may be used on any number of platforms. That’s the number of flaws in the system. You can, however, test for all of the greatest as well as all known potential assaults. If a new technique of breaking in is discovered, you can hire an ethical hacker to assist you in devising a countermeasure. You may tell that your systems are virtually safe for the time being using those methods. You only need to keep your security up to date from time to time.
Chapter 2 – Ethical Hacking 101
You should also be aware of the actual threats and vulnerabilities that your computer systems and networks face as part of ethical hacking. You should be aware that every time you connect your computer to the internet or provide a Wi-Fi connection for your pals, you are also opening a gateway (or gateways) for others to break-in.
We’ll look at some of the most prevalent security flaws that ethical hackers will have to deal with and eventually keep an eye on in this chapter.
Network Infrastructure Attacks
Hacks that break into local networks as well as the Internet are known as network infrastructure attacks. Many networks may be accessible through the internet, which is why there are so many that can be hacked. Connecting a modem to a local network is one approach to break into a network. The modem should be linked to a computer that is protected by the firewall on the network.
Another way to break into a network is to use NetBIOS, TCP/IP, and other network transport methods. Some tricks involve flooding the network with a large number of requests to cause a denial of service.
Data packets travelling across a network are captured by network analyzers. The data they collect is subsequently evaluated, and the information contained within is exposed. People piggybacking on unsecured Wi-Fi networks is another example of a pretty prevalent network infrastructure breach. You may have heard stories about people walking about their neighbourhood with their laptops, tablets, or cellphones in search of an open Wi-Fi signal from a neighbour.
Non-technical attacks entail persuading people to reveal their passwords, whether willingly or not. The term “social engineering” comes to mind as a tactic for these types of attacks. Duping (or even bribing) a coworker to reveal passwords and usernames is an example of this. Later on, we’ll take a look at social engineering.
Another non-technical assault is just stepping into another person’s room, booting the computer, and then getting all the information you require – yes, it sounds like Tom Cruise and his mission impossible squad, but these non-technical attacks are a serious element of hacking strategies.
Attacks on an Operating System
Operating system hacks are one of the most common types of hacks per quota. It’s just a numbers game, really. There are a lot of computers out there, and many of them don’t have adequate security.
Many operating systems have security flaws – even the most recent versions have a few bugs that can be exploited.
Password hacking or breaking into encryption mechanisms are two ways that operating systems might be attacked. Some hackers are simply addicted to breaking into other people’s passwords for the mere excitement of it.
Attacks on Applications
Apps, particularly those that are online or deal with connection, are frequently targeted. Web apps and email server software applications are two examples. Spam mail is one of the attacks (remember the Love Bug or ILOVEYOU virus from 2000?). Spam mail can contain almost anything that can compromise your computer system.
Malware, or malicious software, is another tool in a hacker’s arsenal when it comes to attacking almost anything, especially apps. Trojan horses, worms, viruses, and spyware are examples of these software packages. Many of these programmes can access your computer system via the internet.
SMTP (Simple Mail Transfer Protocols) and HTTP (Hypertext Transfer Protocol) applications are two other types of applications that are commonly targeted. The majority of these programmes are routinely allowed to pass across firewalls by computer users. They are given access solely because the users or a corporation require them for their business activities.
So Why Do You Have to Know All This?
You must understand the threat in order to do it yourself and give a method for protecting a computer system from the attack (or hack). Obviously, you can’t defeat an opponent you don’t recognize. You can’t counter a technique that you don’t understand.
Please keep in mind that this is merely an introductory book for complete novices. This book will not be able to cover all of the available hacking techniques. But at the very least, you’ll know how it’s done and what tools you can use to test your own systems.
The Ethical Hacker Mindset
Because this book promotes ethical hacking, you should familiarize yourself with the code and philosophy of white hat hackers. These are some very basic guidelines that will assist you along the road. They’ll also ensure that you don’t get lost when you master more advanced hacking skills.
Working ethically is the first rule of thumb. Even if you’ve been given permission to hack into someone else’s computer, you shouldn’t have any hidden objectives. Keep in mind that you were employed to look for flaws in your employer’s system. Trust is, of course, a major element of ethical hacking.
The next rule is to avoid crashing the system. It makes no difference whether you’re trying to break into your own computer or someone else’s computer system or network.
Your purpose is to uncover the flaws, not to generate chaos. During and after your testing, the system you hack should still be able to function normally.
The final rule is to respect the privacy of the other person. Even if you have the ability to look at someone else’s personal information, you are not allowed to do so. At the end of the day, any possible attacks on any type of private data should be reported.
Chapter 3 – Hacking Basics
We’ll look at some of the most fundamental hacking techniques and tools in this chapter. These fundamental tools can be used in a variety of hacking approaches. Some of the tools and strategies discussed in this chapter aren’t particularly technical. In reality, of the numerous skills you might learn in your white hat hacking career, they may be the easiest.
A non-technical hack is social engineering. It doesn’t mean you have to go to Facebook or another social networking site solely to collect information about someone else. It simply entails utilizing the most common resource available to computer users and businesses alike – people. In the case of businesses, it’s the people who work for them.
People are trusting by nature. It’s natural to have faith in others, especially if you know them. Hackers will try to exploit this flaw in any organization. They only want a few details from one worker, which they may then utilize to obtain additional information from another employee, and so on.
For example, they could pretend to be a computer repairman or tech support professional and contact a company’s customer. They might persuade the individual to download some free software. Although the programme was free, it was not what the hacker had described. The files are downloaded by a consumer who trusted the company’s service. The customer’s downloaded programme subsequently performs remote actions without the customer’s awareness. As a result, the hacker is able to obtain useful information.
To subscribers of a service, they may claim to be this or that from a specific company. And they don’t always request that a subscriber or consumer download something for “free.” They might even ask for the customer’s or subscriber’s username and password outright. Because individuals are trusting, they automatically reveal such knowledge.
On the other side, phishing sites provide the same function. The purpose of these websites is to collect login information. Some phishing sites even feature visual patterns or designs that are identical to the actual site. Customers on Amazon may be duped into signing up for a phishing site that appears to be the real thing. They log on under the impression that the site is related to Amazon. Customers’ usernames and passwords are then collected by the website. Imagine if they could force consumers to input their credit card numbers, PayPal passwords, and other sensitive information!
Because you have to make yourself look legitimate and legit to a complete stranger, social engineering is one of the most difficult hacks out there. It is, however, one of the most difficult types of hacks to counter once effective.
Social Engineering Basic Steps
Gathering information about the company or individuals is the first stage. Hackers can conduct their own research. They can use information submitted with the Securities and Exchange Commission (SEC), finance organizations, and pretty much any other helpful data — there’s a lot of it out there. The more information you can gather about a company or group, the better. Some hackers even pay someone else to search the internet for all the information they require.
Some hackers even go through the company’s garbage – yes, dumpster diving. It’s not a pleasant prospect, but it occasionally yields some pretty intriguing documents. Meeting notes, printed emails, organizational charts, network diagrams, a list of usernames/passwords, lists of internal phone numbers, and even their employee handbook are among the materials that some employees unknowingly discard.
The next step is for them to establish trust. Hackers use the information they’ve gathered to contact employees or customers. They take on the role of a firm employee. They frequently appear to be a good person who is willing to help or in need of assistance. The degree to which they are credible is determined by the amount of information they have accumulated. They don’t have to perform face-to-face meetings or speak to their target in person all of the time. They can chat, leave voice mail, and even send an official-looking email.
As an illustration of this circumstance, we’ve already mentioned the Love Bug. The worm virus’s author also utilized social engineering to get his victims to open the infected email. The targets’ email addresses were obtained from email lists. When the target folks saw the email, they realized it was from one of their friends, so they assumed it was safe to open. The virus programme then collects emails and other data from the target’s machine and transmits copies of itself to other contacts in the form of other emails.
The Nigerian 419 scheme is another excellent example of social engineering. Targets receive an email from someone they believe to be a friend offering to transfer a specific amount of money to their bank accounts. They request a small sum of money as well as the target’s bank account information. Anyone who fell for it found out the next day that their bank accounts were empty.
Countermeasures to Social Engineering
The most effective countermeasure to social engineering is public education. Keep your consumers and staff informed about the company’s official statement. People should be suspicious of anyone who requests login details or other sensitive information.
Compromising Physical Security Flaws
Physical security is an important aspect of data security. Hackers may gain access to one of your PCs in the future. They won’t be able to get past your company’s firewall, but they will be able to install hardware or software within your network by just stepping in the door and plugging a device into one of your employees’ PCs.
Smaller businesses with fewer staff will have less to worry about. These workers almost never let a stranger use their computers. Larger firms have a more serious problem since they have more personnel, computers, and other entry points that hackers might use.
Hackers may not always prefer to simply install a piece of hardware and gain access from the inside. They may only require access to a computer, the theft of key documents, or the seizure of anything that appears to contain vital information. When questioned, they usually have an alibi. They will try to enter a building through any door, including employee smoking areas outdoors, cafeteria doors, fire escapes, or any other suitable entry point. They may even follow staff back inside a building, and all they have to say to gain access is “thank you for keeping the door open.”
For some hackers, one of the most popular pastimes is password hacking. It should be noted, however, that it can be performed through social engineering and exploiting workplace physical vulnerabilities. Looking over someone’s shoulder while they type their password onto a computer is a simple approach to hacking their password. One of the most popular ways for hackers to gain access to information through a network or computer is through password hacking.
The inference is another strategy. You acquire as much information as possible about a potential employee (birthdates, names of children, their favourite stuff, important dates, phone numbers, favourite shows, and other stuff). When you’re trying to guess the password, you’ll use those. You’d be surprised at how many people use their birthdates digits and other easy-to-remember numbers as passwords.
Of course, there are more sophisticated methods for guessing another person’s password. In terms of password hacking, network analyzers, remote cracking utilities, and other types of password cracking software are common tools. You might have also heard of “brute force” application programmes. Brute force is a password guessing method based on trial and error. These apps attempt to guess the password using all available combinations. It could take a long time for them to figure out the password. Exhaustive key search is another name for this strategy.
Some hackers try to get access to another’s computer by exploiting physical weaknesses in order to find passwords. Passwords are usually stored in the same directory or location as the SAM, or security accounts manager, in Windows operating systems, such as the c:\…\win32\config directory or another comparable location. Passwords are sometimes saved in a database file that is still active, such as ntds.dit. Some people use a USB thumb drive to store emergency repair discs or files. All that is required is directory access (e.g. c:\winnt\repair). Some passwords can also be found in the registry of the operating system. Employees may also save their passwords in a text file, making it easier for hackers to access them.
Installing keyloggers is another approach to crack someone’s password, especially if you have access to their computer. These are either software or hardware devices that record the keystrokes of unwitting users. Every word they type is registered or recorded. Many keystroke logging software applications are available for purchase or are given away for free. Hardware-based keystroke-logging solutions, such as a replacement keyboard or a keylogging gadget that plugs into a USB port on the back of your target’s computer, are also available.
Chapter 4 – Network Hacking
Hacking into a network can take many different forms. One example is when people use someone else’s internet connection to surf the internet for free. The flip side of the coin is that now that you’re inside a network, you may scan it for any unsecured network devices attached to it, such as computers or other portable devices. The information can then be accessed remotely.
When you’ve logged onto a Wi-Fi network in a local café, for instance, you can open Windows Explorer and click on Network. If file sharing and network discovery are enabled in that network, you can search for a linked computer or device and attempt to access its files. We’ll go through the fundamentals of network hacking in this chapter.
War dialling should satisfy your desire to learn about the old school methods of hacking into another person’s network. This kind of hacking takes advantage of flaws in another person’s phone system. Yes, some people still use dial-up connections to access the internet. Some network managers even preserve obsolete dial-up connections as a backup in case their primary internet service fails.
Of course, war dialing software is one of the tools of the trade. Repeat dial tones can be detected by hackers. They can then dial a password at the dial tone and make free calls from wherever. They can also access voice mail, which is extremely useful for PBX-based phone systems.
Network Structure Vulnerabilities
Computer networks are not without flaws. Hacking exploits can make use of even low-level flaws. The same tools that you use to hack networks can also be used to detect any vulnerabilities in your network.
You’ll need network scanners that can trace routes, check for DNS addresses, and do other network inquiries. Port scanning and ping sweeps are also possible with some scanners. Some people can also perform SMTP relay testing. You’ll also need a scanner that can fingerprint operating systems and probe host ports. Network scanners can also be used to test firewalls.
Port scanners can reveal the devices that are connected to your network. They’re simple to use and can be used to test any system. TCP protocols are used by all of the widely hacked ports, however, some of them also utilize UDP. 23 (Telnet), 22 (SSH), 7 (Echo), 53 (DNS), 21 (FTP control), 80 (HTTP), 25 (SMTP), 443 (HTTPS), 19 (Chargen), 1433 (Microsoft SQL Server), and 20 (FTP data) are among the most often used ports and services.
Breaking Into Wi-Fi Networks
Wireless networks in the home, business, cafes, and pretty much anywhere else are potential targets for hackers.
Wi-Fi networks used to be opened all the time. That means that if you had a device that could connect to the internet via a wireless connection, all you had to do was look for free open networks in your neighbourhood. When you bought a wireless router back then, the default setup was open, which meant that anyone could connect and use your internet.
Of course, this resulted in a slew of issues. The slower your wireless connection becomes as more devices are linked to it. Back in the day, the range of your Wi-Fi router’s signal was the only thing keeping hackers away from your connection.
Back then, directional antennas and signal amplifiers were common tools of the trade. Some of the more expensive gadgets can detect your Wi-Fi signal from great distances.
WEP (Wireless Encryption Protocol) was the sole security option accessible to Wi-Fi router owners back in the day. For a while, it functioned, although it was poorly designed. Anyone can observe the connection between your router and eventually breach the WEP code.
Users no longer place limits on their Wi-Fi transmissions, which is a good thing because it eliminates the need for those expensive antennae. Nowadays, most routers have a range of 1,500 feet (about 500 meters). The only difference today is that newer routers employ WPA (Wi-Fi Protected Access) and WPA2 (Wi-Fi Protected Access 2) as security methods.
However, with the improvement in today’s wireless security protocols, come improvements in the way wireless networks are hacked. These new security protocols are theoretically and practically superior to WEP. Those codes will now take several days, if not months, to crack with the old surveillance and Wi-Fi cracking software techniques. However, as wireless security protocols improve, the hacked wireless networks improve as well.
If you wish to hack into your neighbour’s wireless connection these days, you should monitor the wireless activity and grab the data (pocket capture) as their computer or any other permitted device logs into the router or access point. Given the fact that most people have their laptops linked to their routers virtually constantly, this may appear to be a difficult item to come by.
The good news is that there is a way through this difficult stumbling block. All you have to do is send a deauth frame. What exactly is it? These are packets that you send to the access point (for example, the wireless router) to de-authorize other devices on the network. Simply put, sending those packets will require all linked devices to re-login. You have the opportunity to capture the login information because those devices will have to log in again.
Tools for Hacking Into Wireless Connections
Today’s tools for hacking Wi-Fi connections are readily available. You’ll have to pay for the really nice ones, but there are some open-source (i.e. free) ones available as well. You’ll need to hunt up and download a piece of software known as penetration testing (e.g. Aircrack- ng among many others). Some of these programmes will set you back hundreds of dollars, if not thousands. If that’s not a price you’re willing to pay, open-source alternatives are available. They work as well but they have
Deauth frames can be sent by wireless penetration testing applications. They will then capture pcap files (pcap = packet capture) for you. It will take around an hour to capture the pcaps. What do you do with the pcap files is the next question? Some penetration testing software can perform data analysis for you. However, if the capabilities of your hacking tool are limited (because of the fact that it is free), you will need to purchase a password cracker to crack the pcap files.
Some password crackers are free, while others require payment. Some of them require installation on your computer, while others are available online. The primary operation of these password crackers is to compare the pcap files to a database that contains millions of possible passwords. These software applications can crack passwords in a matter of seconds in some cases.
One little-known fact is that many routers today still support Wi-Fi Protected Setup. The PIN is frequently broken down into two equal pieces using cracking software. The pin has a total of eight characters. It’s worth noting that the pin’s last character is nothing more than a checksum. This indicates that only the first seven digits/characters need to be cracked.
You may have come across routers that do not broadcast their SSID, which is the name given to the wireless network by the user. A wardriving stumbler application can help you figure it out. Some routers additionally offer MAC filtering, which restricts access to the wireless network to only those devices that are listed. While this may appear to be secure, MAC addresses on this list can be recorded in the same manner as pcap files can. Spoofing is the process of copying or using the acquired MAC addresses as your own. Yes, there are software applications that can fake MAC addresses for you, or you may alter the registry yourself.
Chapter 5 –Hacking Your Own Windows Password
It happens all the time that people forget their passwords. So, what do you do if you or someone you know loses access to their own computer? That’s when your trusty hacking talents (however rudimentary they may be) will come into play. You should keep in mind, though, that breaking into someone else’s computer is unlawful unless they hired you to do it.
Default Administrator Account
So, let’s pretend you still have a PC running Windows 7. (some people just hate Windows 8). You can utilize the Windows 7 Administrator account – yep, the default one – as one of the hacks. When you start the computer in normal mode, it’s normally disabled. As a result, you must start the computer in Safe Mode.
On Windows 7, you must pick the default administrator after the computer starts into Safe Mode. It’s the one that doesn’t require a password. To log in, simply leave the password field empty. You can go to Control Panel and change the password of the user account in question once you’ve logged in.
Password Reset Disk
A password reset Disc includes a short wizard programme that guides users through the process of establishing a new password for a locked Windows user account. When the operating system was first installed, this disc (or the password reset file, which can also be kept on a USB thumb drive) should have been generated. The majority of individuals create the reset Disc and then forget about it. It’s past time you helped them recall where they put their Windows password now that they’ve forgotten it. Once you’ve got it, connect it to your computer and select “Reset Password.”
After that, all you have to do is follow the steps. You’ll be asked where you want to save the password reset files, so choose the appropriate drive (i.e. the thumb drive). You’ll be asked to create a new password as well. After that, all you have to do is follow the directions that appear on the screen.