Allinone Cyberteam Pvt.Ltd.

Registry •The registry is a hierarchical database that stores the values of variables in Windows and the applications and services that run on Windows. The operating system and other programs also use the registry to store data about users and about the current configuration of the system and its components. •The registry is available whenever the system is running, programs that start and stop can keep persistent data in the registry. Structure of the Registry •Much of the registry consists of nested containers known as subtrees, keys, and subkeys, which are like folders. •The actual data is stored in the registry entries, the lowest level element in the registry. •The series of nested containers make up a path to each entry. Because entry names are unique only within a path, entries are referenced by their full registry path and name. Subtree •Subtrees are the root, or primary divisions, of the registry. •The Windows Server 2003 registry is divided into five subtrees. Sub

Understanding Windows Registry •The Windows Registry is a hierarchical database that stores •configuration settings and options on Microsoft Windows operating systems. •It contains low level settings for operating system components and application. •The kernal, device drivers, services application make use •of it. •We will demonstrate registry hacking by:- 1. Hiding any Hard disk drive (HDD) 2. Changing the background of login screen Registry Hacking for Hiding Hard Disk Drive(HDD): 1.Start-Run-regedit 2.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Policies\Explorer 3.Right click-new -DWORD 32 bit - name it as NoDrives. Drive Decimal value C: 4 D: 8 E: 16 F: 32 •GOTO C:> Windows\System32\oobe\info\backgrounds\ Paste image less than 255kb name it as backgroundDefault.jpg •Note: - If you find any folder missing the create the folder with the name given in the path

Here we’ll learn how to break an Administrators password or to create an account without knowing the Administrator password. We need a backtrack CD What we’ll do here is, we will change the sticky key file “sethc.exe” file name to “cmd.exe” file so that if we will press the shift button 5 times on the login screen the command prompt will come up. Once the command prompt displayed we can make a user through command and can give the Administrators rights to him. Steps: 1. Insert the CD in CD-ROM Live boot the system through the backtrack O/S, Select the boot priority by pressing F12 CD/DVD After the machine will boot if it will ask you for the login, then the Username = Root Password = toor Type “startx” to change CLI to GUI Once you come to the GUI 2. Open a Terminal Type:#fdisk –l (To check the free disk) 3. #mkdir /mnt/cdrive (To make a directory to mount the cdrive, you can use any name here it is just a folder name) 4. #mount –t ntfs /dev/sda2 /mnt/cdrive (Mount the C

Why gather information?   Avoids reinventing the wheel. • Helps you to gain a deep understanding of the issue so that you can address it properly. •You need all the tools possible to create the best program you can. •It can help you ensure your program is culturally sensitive. • Knowing what’s been done in a variety of other circumstances and understanding the issue from a number of different viewpoints may give you new insights and new ideas for your program. Information Gathering Tools Maltego www.paterva.com •Maltego is an intelligence and forensics application. •It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. Google Hacking Social Information Gathering: Maltego •Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates • Maltego’s unique advantage is to demonstrate the complexity and severity of single points of failure

That's right. You read that correctly. NMAP, the world's leading port scanner and one of the few tools that should be in every single tester's toolkit, can help you determine a lot of information regarding a target. Host discovery, my friends. NMAP can help you discover lots of information about the hosts on the outward-facing interfaces of a network. And it does all this without touching the hosts in question. That's right. You can perform lots of recon with nmap without slinging a single packet at the target hosts. Previously, we've discussed using Maltego to determine host information (IP's, owner information, etc). Now we're going to do the same from the command line (and do it a might bit quicker, too). But first a little history ... 1. Setting the Wayback Machine to 199x The Internet runs mainly because a service, provided by Domain Name System (DNS), translates “friendly names” (like “www.google.com”) to IP addresses (74.125.91.106) and then route

Network Topologies •There are three main local area network (LAN) topologies: Bus Star Ring •Other network topologies include: Mesh Wireless What is a server? •Server is a machine which provides services to the nodes or computers in a network and those computers using services are known as client machines. •For each any every service client have to request to the server. Client Server Model   Servers •Computers or processes that manage network resources Disk drives (file servers) Printers (print servers) Network traffic (network servers) •Example: Database Server A computer system that processes database queries Clients •Application that run on a computer •Rely on a server for Files Devices Processing power •Example: E-mail client An application that enables you to send and receive e-mail Types of Servers •Application Servers •Audio/Video Servers •Chat Servers •Fax Servers •FTP Servers •Groupware Servers •IRC Servers •List Servers •Mail Servers •News Servers •P

Types Of Network •LAN - Local Area Network is in a small geographical area, such as a college or office building. •WAN - Wide Area Network Combination of multiple LANs. •WLAN - Wireless Local Area Network Links two or more devices using some wireless distribution method and usually providing a connection through an access point to the wider internet. Local Area Network (LAN) •A LAN connects network devices within a limited geographical area such as office buildings or schools. •The data transfer is managed by a transport protocol such as TCP/IP. •The transmission of data is performed by the access method (Ethernet, Token Ring, etc.). Wide Area Network (WAN) •A WAN covers a wide geographic area, carrying data over long distances, such as a country •WANs can be formed by different LANs •The connection between different LANs may not be permanent •WANs are sophisticated networks, but transmission speeds have generally been slower than those commonly achieved on LANs WLAN (Wireles

Network: When you have two or more computers connected to each other, you have a network. The purpose of a network is to enable the sharing of files and information between multiple systems. The Internet could be described as a global network of networks. Computer networks can be connected through cables, such as Ethernet cables or phone lines, or wirelessly, using wireless networking cards that send and receive data through the air. Types of Network: • LAN - Local Area Network • WLAN - Wireless Local Area Network • WAN - Wide Area Network • MAN - Metropolitan Area Network • SAN - Storage Area Network, System Area Network, Server Area Network, or sometimes Small Area Network • CAN - Campus Area Network, Controller Area Network, or sometimes Cluster Area Network • PAN - Personal Area Network • DAN - Desk Area Network LAN and WAN were the original categories of area networks, while the others have gradually emerged over many years of technology evolution. LAN - Local Area Network A LAN

What they are?? •Ethics :  Moral principles that govern a person's or group's behaviour. •Hacking :  The practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose. Hacking: How it all began?? •Been around for more than a century. •1960s – MIT’s artificial intelligence lab became staging grounds for hackers. •1970s – John Draper makes a long-distance call for free. •1980s – Kevin Mitnick, secretly monitors the e-mail of MCI and Digital Equipment security officials. •1990s – Hackers break into and deface federal Web sites, including the U.S. Department of Justice, U.S. Air Force, CIA, NASA and others. SINE IIT Bombay Why is security needed ?? •Information is a strategic resource. •A significant portion of the organizational budget is spent on managing information. •Have several security related objectives:  Confidentiality - keep info secret  Integrity - protect info accuracy  Availabilit

1. A HISTORY OF HACKING Hacking has been around for more than a century. In the 1870s, several teenagers were flung off the country's brand new phone system by enraged authorities. Here's a peek at how busy hackers have been in the past 35 years. 1.1. Early 1960s University facilities with huge mainframe computers, like MIT's artificial intelligence lab, become staging grounds for hackers. At first, "hacker" was a positive term for a person with a mastery of computers who could push programs beyond what they were designed to do. 1.2. Early 1970s John Draper makes a long-distance call for free by blowing a precise tone into a telephone that tells the phone system to open a line. Draper discovered the whistle as a give-away in a box of children's cereal. Draper, who later earns the handle "Captain Crunch," is arrested repeatedly for phone tampering throughout the 1970s. John Draper Yippie social movement starts YIPL/TAP (Youth Internatio