03 October 2008

Hacking Techniques Part-1

Hello friends in this post and in the next post i am going to tell you some most common hacking techniques that most of the hackers used during hacking.

1) CALLBACK UNITS:Callback units are a good security device, But with most phone systems,it is quite possible for the hacker to use the following steps to getaround a callback unit that uses the same phone line for both incoming and out going calls:First, he calls he callback unit and enters any authorized ID code (this is not hard to get,as you'll see in a moment). After he enters this ID, the hacker holds the phone line open - he does not hang up. When the callback unit picks up the phone to call the user back, the hacker is there, waiting to meet it.

The ID code as I said, is simple for a hacker to obtain, because these codes are not meant to be security precautions.The callback unit itself provides security by keeping incomming calls from reaching the computer.The ID codes are no more private than most telephone numbers. Some callback units refer to the codes as "location identification numbers," and some locations are used by several different people,so their IDs are fairly well known.I've been told that, in some cases,callback ubits also have certain simple codes that are always defined by default. Once the hacker has entered an ID code and the callback unit has picked up the phone to re-call him,the hacker may or may not decide to provide a dial tone to allow the unit to "think" it is calling the correct number. In any event,the hacker will then turn on his computer, connect with the system - and away he goes.If the however, the hacker has trouble holding the line with
method,he has an option: the intercept.

The Intercept: Holding the line will only work with callback units that use the same phone lines to call in and to call out.Some callback units use different incoming and outgoing lines, numbers 555-3820 through 555-3830 are dedicated to users' incoming calls, and lines 555-2020 through 555-2030 are dedicated to the computers outgoing calls.The only thing a hacker needs in order to get through to these systems is a computer and a little time - he doesn't
even need an ID code. First,the hacker calls any one of the outgoing phone lines, which, of course, will not answer.Sooner or later, though, while the hacker has his computer waiting there, listening to the ring, an authorized user will call one of the incomming lines and request to be called back.It will usually be less than an hours wait, but the hacker's computer is perfectly capable of waiting for days, if need be. The callback unit will take the code of the authorized user, hang up, verify the code, and pick up the phone line to call back.If the unit tries to call out on the line the hacker has dialed, the hacker has his computer play a tone that sounds just like a dial tone.The computer will then dial the number given that matches up with the user's authorized ID.After that,the hacker can just connect his computer as he would in any other case.If he is really serious,he will even decode the touch tones that the mainframe dialed,figure out the phone number of the user the system was calling, call the person, and make a few strange noises that
sound as though the computer called back but didnt work for some reason.

2) TRAPDOORS AS A POSSIBLILITY:I haven't heard of this happening, but i think it is possible that a callback modem could have a trapdoor built into it.Callback modems are run by software, which is written by programmers.An unscrupulous programmer could find it very easy to slip in an unpublicized routine, such as, "if code =*43*, then show all valid codes and phone numbers." And such a routine, of course, would leave security wide open to anyone who found the trapdoor.The obvious protection here, assuming the situation ever arises,is simply an ethical manufactorer that checks its software thoroughly before releasing it.

A trapdoor is a set of special instructions embedded in the large program that is the operating system of a computer.A permanent, hopefully secret "doorway", these special instructions enabe anyone who knows about them to bypass normal security procedures and to gain access to the computer's files.Although they may sound sinister, trapdoors were not invented by hackers, although existing ones are certainly used by hackers who find out about them.

In the next post i will tell you the remaining hacking techniques.

No comments: