Terminologies in Ethical hacking

Vulnerability

Some basic
Terminologies Payload

Exploit
Vulnerability
• A vulnerability refers to a weakness or flaw in a system,
software, or network that can be exploited by an attacker to
compromise its integrity, confidentiality, or availability.
• For Ex:
• Let's say you have a social media app on your
smartphone that allows you to upload profile pictures.
If there is a vulnerability in the app that allows users to
upload malicious files instead of regular images, it
could potentially lead to the compromise of the app or
your device.
Exploit
• An exploit is a piece of software, code, or technique that takes
advantage of a vulnerability to carry out an attack. Exploits are
specifically designed to target and leverage the weaknesses or flaws
in a system or software.
• For example, the exploit might involve manipulating the app's
image upload functionality by sending a specially crafted image
file that triggers the vulnerability, allowing the attacker to
execute their payload.
Payload
• A payload refers to the code or set of instructions that
an attacker delivers to a target system after exploiting
a vulnerability.
• For instance, the payload could be designed to
gain unauthorized access to your personal data
stored on the device or even control your device
remotely.
Virus

• Virus is a computer program or software

that connect itself to another software
or computer program to harm computer
system.
• When the computer program runs
attached with virus it perform some
action such as deleting a file from the
computer system.
• Virus can’t be controlled by remote.
Worms
• Worms is also a computer program like virus, but it
does not modify the program. It replicate itself
more and more to cause slow down the computer
system. Worms can be controlled by remote.
• Worm: A self-replicating program
• The major difference between a virus and a worm
is that worm does not attach itself to other existing
program as viruses do .
• Worms spread across networks due to poor
security of the infected computers.
• As this type of infection runs by itself it can have
devastating impacts.
• Worm Viruses Include: lovgate.F, sobig.D ,trile. C
Trojan Horse

• Trojan Horse does not replicate itself like

virus and worms. It is a hidden piece of
code which steal the important
information of user.
• For example, Trojan horse software
observe the e-mail ID and password
while entering in web browser for
logging.
Bots

A bot is a software program that performs an

automated task without requiring any interaction. A
computer with a bot infection can spread the bot to
One way to control bots is to use tools that help
other devices, creating a botnet. This network of
determine if traffic is coming from a human user or
bot-compromised machines can then be controlled
a bot. For example, you can add CAPTCHAs to your
and used to launch massive attacks by hackers,
forms to prevent bots from overwhelming your site
often without the device owner being aware of its
with requests. This can help you identify and
role in the attack. Bots are capable of massive
separate good traffic from bad.
attacks, such as the distributed denial of service
attack (DDoS) in 2018 that brought down the
internet for most of the Eastern U.S.
Ransomware
• Ransomware attacks encrypt a device’s data and holding it for ransom until
the hacker is paid to release it. If the ransom isn’t paid by a deadline, the
hacker will threaten to delete the data—or possible expose it. Paying up
may not help; often, victims lose their data even if they pay the fee.
Ransomware attacks are some of the most newsworthy malware types due
to their impact on hospitals, telecommunications firms, railway networks,
and governmental offices.
• A prime example is the WannaCry attack that locked up hundreds of
thousands of devices across more than 150 countries.
• In addition to patching and training employees on cyber hygiene best
practices to avoid having them click on malicious links, create regular
off-site backups at a secure off-site facility. This will let you restore your
systems quickly without paying the ransom.
Spyware

Cybercriminals use spyware to monitor the activities of users. By Much like other malware, antivirus software can help you detect and
logging the keystrokes, a user inputs throughout the day, the malware eliminate spyware. You can also use anti-tracking browser extensions
can provide access to usernames, passwords, and personal data. to keep spyware from following your users from site to site.
Rootkit Malware

• Rootkit malware is a collection of

software designed to give malicious
actors control of a computer network or
application.
• Once activated, the malicious program
sets up a backdoor exploit and may
deliver additional malware, such as
ransomware, bots, keyloggers or trojans.
Rootkits may remain in place for years
because they are hard to detect, due in
part to their ability to block some
antivirus software and malware scanner
software.
Keyloggers
• A keylogger is a type of spyware that monitors
user activity. Keyloggers have legitimate uses;
businesses can use them to monitor employee
activity and families may use them to keep track
of children’s online behaviors.
• However, when installed for malicious purposes,
keyloggers can be used to steal password data,
banking information and other sensitive
information. Keyloggers can be inserted into a
system through phishing, social engineering or
malicious downloads
Google
Dorking
Google Dorking
• Using Google search techniques to hack into
vulnerable sites or search for information
that is not available in public search results.
• We can say that Google reacts sensitively to
certain search strings when applied with
specific operators.
• Intitle:admin
• Cyber security + ethical hacking
Phases of hacking
Information Gathering:
• The information which is public in
nature which is present on
internet.
Scanning

• Gathering the information which is

private in nature --> IP of machines.
mac of address-- services are running
in machine, ports are open
• The primary goal of scanning is to
obtain a more detailed understanding
of the target's network architecture,
services, and potential entry points for
exploitation.
Gaining Access
• In this a hacker attempts to gain
unauthorized entry into a computer
system, network, or device.
• Based on the information a hacker
collect they try to use the
vulnerabilities for their own
advantage.
• In this phase the actual “hacking”
begins
Maintaining
Access
• If the hacker fails to maintain the access,
they lose access of the system of the target.
• It is very important part of the hacking since
in this the hacker maintains the access and
do what they desire to do.
• They try to ensure that they won’t do
anything that raises suspicious in certain
cases
 Clearing the Tracks

• Once the work is done the hacker

make sure they don’t leave any traces
behind.
• In this hacker tries to remove anything
that may use against them or reveal
their identity.
• This is most important part of hacking
since your future as a hacker depends
on it