Cracker
The term cracker or cráquer (literally "breaker", from the English to crack, meaning to break) refers to people who illegally break or violate a computer security system. Crackers can be motivated by a multitude of reasons, including profit, protest, or defiance. It is widely understood that crackers engage in the unauthorized modification of proprietary software. However, although binary executables are one of the main targets of these people, a web application or any other computer system can be the object of other types of attack that can equally be considered acts of cracking.
History
Since 1980, the hacker culture had appeared: amateur programmers, or outstanding people with significant knowledge of computers. These programmers were not usually on the side of illegality, and although some knew techniques to breach security systems, they stayed within the legal realm. But over time, people emerged who, using their computer knowledge, took advantage of weaknesses or errors in some computer systems and cracked them, that is, they circumvented the security system, often crossing into illegality, and some considered these practices negative. These people continued to be called hackers, so around 1985 the "original" hackers began to call them crackers, in contrast to the term hacker, in defense of the latter against the incorrect use of the term.
For this reason, crackers are criticized by the majority of hackers, because of the loss of prestige they bring upon hackers in the eyes of public opinion and companies: often, even in the media, no distinction is made between the terms hacker and cracker, which creates confusion about their definitions and makes them appear to have a different meaning.
Different uses of the term
A person is often referred to as a cracker when:
- Through reverse engineering, they produce serials, keygens and cracks, which serve to modify the behavior or expand the functionality of the original software or hardware to which they are applied, etc. These are usually used to circumvent restrictions, for example a program that stops running after a certain time, or that only works if installed from an original CD.
- They violate the security of a computer system and take control of it, obtain information, erase data, etc.
- Total control in the computer world.
Legality
Many computer programs, generally proprietary ones, do not allow the modification or study of the code that makes up the program. This makes it illegal to disassemble or reverse engineer the program. Sometimes cracking is the only way to make changes to software for which its manufacturer does not provide support, especially when it is necessary to correct defects, or export data to new applications. In these cases, cracking is not considered an illegal activity under most laws. Sometimes the company that developed the software no longer exists or no longer owns the rights to the product.
In turn, when a person enters someone else's system without authorization, a violation of private property is committed. Also, the tactics used by crackers to violate security systems are often used by computer security companies or other people to test the security of a program or computer, in what are called penetration tests or pentesting. In this case, since there is permission to carry out the attack (or it is the owner of the computer himself who carries it out), it is no longer an illegal practice. The use of the term cracker for such acts would also be in dispute.
Types of crackers
Trojans via instant messaging
This type of crack is based on installing a program containing a Trojan, or Trojan horse as some call it in reference to Greek mythology, which serves as a remote attack tool. It has the ability to hide. Once executed, it controls the infected computer and can read, move, delete and execute any file. A peculiarity of the Trojan is that when it is loaded into an instant messaging program remotely, the hacker will know when the user connects. This is when the intruder will be able to steal information. The transmission of data from the infected computer to that of the intruder is possible because the instant messaging program opens a communication tunnel, which is then used by the attacker. It should be noted that Trojans have a harmless appearance, do not spread the infection to other systems by themselves, and need to receive direct instructions from a person to carry out their purpose.
Examples: Backdoor Trojan, AIMVision and Backdoor.Sparta.C, Poison Ivy, NetBus, Back Orifice, Bifrost, Sub7.
Analyzer
Analyzing is the practice of reading frames of information traveling over the network. All the information that travels over the Internet and arrives at a terminal, such as a computer, is captured and analyzed by that device. However, a sniffer or analyzer collects that information, which is called a frame, and through a technique called packet injection it can modify, corrupt and resend it. With this, it is possible to deceive the servers that provide services on the Internet.
Brute Force
A brute force attack is the practice of breaking into a system by trying all possible password combinations systematically and sequentially. There are different variants of this type of attack, but all are based on the same principle: exhaust the possible combinations until valid access to the system is found.
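Seen from the defender's side, exhausting combinations shows up as many failed logins from one source in a short time. The following detection sketch is an added example, not part of the original article; the log format, the threshold and the window are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format: ISO time, result, user, source IP).
SAMPLE_LOG = """\
2024-05-01T10:00:00 FAIL alice 203.0.113.7
2024-05-01T10:00:02 FAIL alice 203.0.113.7
2024-05-01T10:00:03 OK bob 198.51.100.4
2024-05-01T10:00:04 FAIL alice 203.0.113.7
2024-05-01T10:00:05 FAIL alice 203.0.113.7
2024-05-01T10:00:07 FAIL alice 203.0.113.7
2024-05-01T10:09:00 FAIL carol 198.51.100.9
2024-05-01T10:30:00 FAIL carol 198.51.100.9
"""

def detect_bruteforce(log_text, max_failures=5, window=timedelta(seconds=60)):
    """Return {source_ip: time at which the failure threshold was first reached}."""
    recent = defaultdict(deque)  # source -> failure timestamps still inside the window
    alerts = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of crashing on them
        stamp, result, _user, source = parts
        try:
            when = datetime.fromisoformat(stamp)
        except ValueError:
            continue
        if result != "FAIL":
            continue
        failures = recent[source]
        failures.append(when)
        # Slide the window: forget failures older than `window`.
        while failures and when - failures[0] > window:
            failures.popleft()
        if len(failures) >= max_failures and source not in alerts:
            alerts[source] = when
    return alerts

if __name__ == "__main__":
    for source, when in detect_bruteforce(SAMPLE_LOG).items():
        print(f"{source}: threshold reached at {when.isoformat()}")
```

Two isolated failures from the same address, as in the last two sample lines, stay below the threshold and raise no alert.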
Denial of Service (DoS)
A partial denial of service attack causes the CPU to consume a lot of resources and the computer to become unstable. Another form of attack is what is known as flooding, which consists of saturating the user with messages via instant messaging to the point that the computer stops responding and crashes. Hence, denial of service attacks on instant messaging programs will cause the program to stop working.
Phishing
The term phishing came into use in 1996. It is a variant of fishing, but with the "ph" of the English word phone. It refers to deception by means of emails sent to users who have bank accounts. According to statistics from the US Internet Crime Complaint Center, losses due to mail scams were $1.256 billion in 2004, and according to the Anti-Phishing Task Force there has been a 28% increase in email scams in the last four months.
Fake Websites
The technique of creating fake websites has become very popular nowadays. It consists of putting online, behind false hyperlinks, interfaces identical to those of real web pages. In this way, the user thinks that the page is real and begins to fill in their information, usually banking details. In most cases, the user is asked to enter their password or to log in with their account information. An alert is then shown saying that the server is not responding, to avoid raising doubts.
Impersonation
One of the most used methods is tapping, which aims to collect information such as user accounts, passwords, etc. This is achieved by getting Trojans onto the computer, solely to collect user information. Once the attacker has that information, impersonation becomes possible, and the process can continue until information is obtained from people close to the infected user.
Reverse engineering
Reverse engineering refers to the process by which the source code of a program is obtained or duplicated. Likewise, when an electronic or software device is processed to determine its components, either to make modifications or copies, we are talking about reverse engineering. In other words, this is the process by which the programming code of a software is obtained, which will later be modified using this same coding. For example, this is what is used when making an executable to bypass a product's registration code, so that by altering the program with your own code, this modification is compatible and does not alter its functionality. This process is commonly known as crack or cracking and differs from hack or hacking, since its conception is different.
PC Magazine defines and exemplifies reverse engineering as follows: "Isolating the components of a complete system. When a chip is reverse engineered, all the individual circuits are identified. The source code can be subjected to a process of reverse engineering, to obtain its design or specifications. Machine language can be reverted to assembly language" (PC Magazine 2009).
However, the term reverse engineering is currently tied to software fraud, as well as software duplication, modification, and hacking. Such is the case of OdinMS, a reverse-engineered piece of software that works as an emulator for an online game called Maple Story. The author of OdinMS was sued for emulating software licensed by the company Nexon, and on July 21, 2008, both the blog and the uploaded online content were confiscated. The lawsuit process is currently being followed by Nexon. This is an example of the consequences of using reverse engineering as a means to hack a computer system.
Social Engineering
Social engineering is a term for attacking people through psychology. It is used against systems with more complex security, such as services built on secure protocols that make the usual hacking techniques difficult to use. This technique basically consists of using psychology to obtain information from the victim, information that can then be used to complement a hacking attack. Social engineering can also help the attacker pass a malicious program to the victim, which complements the attack.
In this category we have Kevin Mitnick, a famous hacker who, with the help of social engineering, gained unauthorized access to the computer systems of Sun Microsystems. After serving a 48-month prison sentence, he is currently a computer security consultant and has founded his own company, Mitnick Security.
Sidejacking mode of operation
We are currently living in an era in which information is transmitted through different media such as TV, radio, Internet, etc. All these advances have been made thanks to the efforts of many engineers and scientists in different fields. The problem is that this knowledge has not always been used as a tool in favor of communication, but has also been used as a means to harm other people. That is why great emphasis has been placed on the security of the information that each individual handles through the Internet; even so, there are different methods to continue stealing that information. A very popular example in recent years is so-called sidejacking, since great skills are not needed to carry it out, yet the result obtained is quite surprising. The steps required to steal user accounts are detailed next, so that the logic of the attack can be understood.
First of all, you need to know what it means to enter promiscuous mode, which is simply making the wireless network card connected to the wireless modem see all the traffic that is being handled on that network. Thus, packets belonging to all the users connected to the same modem begin to be stored, all this without even needing a password or username.
Then, a cookie editor is used, which is integrated with many Internet browsers such as Mozilla Firefox. Here you can see what has been captured from network traffic and thus locate the user accounts of pages such as Facebook, Hi5, Hotmail, Gmail, etc. This is done without having to figure out any passwords or know a username. This is possible because when a user tries to access his email, he performs a negotiation in which the server receives a username and password.
The server then compares these with a database that it has stored and returns the approval or denial of the request that was made. Once the account has been verified, data continues to be sent to the server so that it keeps updating the parameters that are being modified at that moment. As long as the user is still connected to the account and is sending data, the network card in promiscuous mode continues to save the information that will later be cloned to gain access to the same account. Once enough cookies are stored, that account is entered, making the server believe that it is the same user who continues to modify the data. In reality, the attacker is inside the account without needing the user's password. Thus, the attacker can do what he wants, because as far as the server is concerned he really is the user.
In this way, it can be seen that when we connect to the Internet, we do not know if we are really the only ones in front of our monitor, since people with great knowledge in the area can use this medium to do whatever they want. That is why the new trend in computer networks is to be as secure as possible, since people's identities are now in the vast world of the Internet.
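The capture described above only yields usable session cookies when they cross the network unencrypted. As an added example that is not part of the original article, the following check flags cookies that a server issues without the Secure attribute, over plain HTTP, or over HTTPS without an HSTS header; the responses are constructed and the cookie names are hypothetical.

```python
# Constructed HTTP responses; cookie names and values are hypothetical.
WEAK_RESPONSE = """\
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: session_id=abc123; Path=/; HttpOnly
Set-Cookie: prefs=dark; Path=/; Secure
"""
HARDENED_RESPONSE = """\
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=31536000
Set-Cookie: session_id=abc123; Path=/; HttpOnly; Secure
Set-Cookie: prefs=dark; Path=/; Secure
"""

def parse_set_cookie(value):
    """Split a Set-Cookie value into (name, {lower-cased attribute: value})."""
    first, *rest = [part.strip() for part in value.split(";")]
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs

def audit_response(raw_response, scheme):
    """Return (subject, issue) pairs for cookies a network capture could reuse."""
    cookies, hsts = [], False
    for line in raw_response.splitlines():
        field, sep, value = line.partition(":")
        if not sep:
            continue  # status line or blank line
        field = field.strip().lower()
        if field == "set-cookie":
            cookies.append(parse_set_cookie(value))
        elif field == "strict-transport-security":
            hsts = True
    findings = []
    for name, attrs in cookies:
        if "secure" not in attrs:
            # Without Secure the browser also sends the cookie over plain HTTP.
            findings.append((name, "no-secure-flag"))
    if cookies and scheme == "http":
        findings.append(("response", "cleartext-response"))
    if cookies and scheme == "https" and not hsts:
        # Without HSTS a later request can still go out over plain HTTP.
        findings.append(("response", "no-hsts"))
    return findings

if __name__ == "__main__":
    print(audit_response(WEAK_RESPONSE, "https"))
    print(audit_response(HARDENED_RESPONSE, "https"))
```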
Hijacking examples
- IP hijacking: takeover of a TCP/IP connection.
- Web hijacking: modifications to a website.
- Domain hijacking: takeover of a domain.
- Session hijacking: takeover of a user session.
- Browser hijacking: modifications to web browser settings.
- Modem hijacking: takeover of the modem.