d-cipher

Technophiles A seminar on computer security and protection D-CIPHER 1.0

Upload: sandeep-mahanthi

Post on 08-Jun-2015


DESCRIPTION

Technophiles club nitrkl D-Cipher 1.0

TRANSCRIPT

Page 1: D-Cipher

Technophiles

A seminar on computer security and protection

D-CIPHER 1.0

Page 2: D-Cipher

Contents

Hacking with ROOT KITS

• What is a Rootkit?
• Different types of rootkits
• Importance
• Magnitude of damage
• Counter measures

Hacking with Key loggers

• What are Key loggers?
• Different types of Key loggers
• Magnitude of damage
• Counter measures

Page 3: D-Cipher

ROOT KITS

If you cannot win the game

CHANGE THE GAME ITSELF!

Page 4: D-Cipher

What are Root kits?

Root kits are software that gives privileged (admin) access to computer systems while hiding itself from the actual administrators, by changing the rules of the kernel and modifying the way the operating system loads.

Since you or I can only change or delete what we see, it is not possible for us to find a trace of a root kit installed on our system.

Page 5: D-Cipher

Different types

• User mode
• Kernel mode
• Bootkits
• Hypervisor level
• Hardware type

Page 6: D-Cipher

Bootkits

These are a type of root kit designed to modify the boot process of operating systems.

They are used to attack full disk encryption systems and to bypass the Windows password system, and thus gain administrator access.

Now we are going to show you a bootkit in action and bypass a password-protected Windows account.

Page 7: D-Cipher

Surprised??

Yeah, now you know that your systems are not safe. But don’t worry: we are not going to reveal the name of the bootkit we just used, to ensure that neither your PC is hacked nor you hack your friend’s… ;-)

But people who are sincerely interested in hacking others’ computers may find it on the internet.

Page 8: D-Cipher

Counter Measures

Ways to fight Rootkits

Many times when our PC gets infected with viruses, we do an antivirus scan.

While most of the time this may fix the problem, sometimes it doesn’t.

That implies that your system is infected with a rootkit virus and that you have to run a rootkit scan.

Page 9: D-Cipher

Detection and Removal of a ROOTKIT

Many rootkits are very difficult to detect by programs running in operating system mode, which include antivirus programs.

Such rootkits can be detected by booting from an alternate medium and running a rootkit scan.

There are many other advanced detection systems for rootkits. Hackers who write rootkit code target big companies and celebs to steal data and for other financial gain.
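
The alternate-medium scan described on this slide works because a view of the disk taken outside the running operating system cannot be filtered by the rootkit. As an added example (not part of the original slides), the sketch below compares a file manifest captured on the live system with one captured after booting from alternate media; the manifest format and all sample entries are constructed assumptions.

```python
"""Cross-view check: file manifest from the live OS vs. an offline boot.

Assumption: a manifest maps relative path -> SHA-256 hex digest
(None when the file could not be read). Sample data is constructed.
"""
import hashlib
import os


def build_manifest(root):
    """Walk `root` and return {relative_path: sha256_hex_or_None}."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            try:
                digest = hashlib.sha256()
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(65536), b""):
                        digest.update(chunk)
                manifest[rel] = digest.hexdigest()
            except OSError:
                manifest[rel] = None  # locked/unreadable: record, don't guess
    return manifest


def cross_view_diff(live, offline):
    """Compare the two views; the offline one is the trusted reference."""
    hidden = sorted(p for p in offline if p not in live)
    mismatch = sorted(
        p for p in offline
        if live.get(p) is not None and offline[p] is not None
        and live[p] != offline[p]
    )
    return {"hidden_from_live_os": hidden, "content_mismatch": mismatch}


# Constructed sample manifests (digests are short placeholders).
LIVE = {"drivers/disk.sys": "aa11", "system/login.dll": "bb22",
        "system/pagefile.tmp": None}
OFFLINE = {"drivers/disk.sys": "aa11", "system/login.dll": "cc33",
           "system/pagefile.tmp": "ee55", "drivers/hidden.sys": "dd44"}

if __name__ == "__main__":
    for kind, paths in cross_view_diff(LIVE, OFFLINE).items():
        print(kind, paths)
```

Files that legitimately change between the two captures (logs, swap files) will also appear as mismatches, so the findings are leads to review, not verdicts.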

Page 10: D-Cipher

Removal tools for Rootkits

• McAfee’s Rootkit Detective
• Sophos Anti-Rootkit [Free]
• RootRepeal - Rootkit Detector
• Kaspersky Virus Removal Tool
• Microsoft Malicious Software Removal Tool
• Panda Anti-Rootkit and latest USB vaccine
• Sysinternals Rootkit Revealer [for advanced users]

Page 11: D-Cipher

Key Loggers

Record and submit…

EVERYTHING!!

Page 12: D-Cipher

Key loggers

Key = information
Log = Keep a record of

Key loggers track the keys struck on a keyboard, mostly in a covert manner, so that the user typing the keys is unaware that their actions are being monitored.

Some key loggers can even take screenshots and access information copied to the clipboard.

Different types:

• Software based
• Hardware based

Page 13: D-Cipher

Software based Key loggers

Mainly three types:

• Malware based
• Kernel based
• API based

Malware based: A key logger can be present inside a virus.

Kernel based: A key logger written as a rootkit that has direct access to computer hardware.

Others: These include key loggers which are API based, Grabber based and Packet analyzers.

Page 14: D-Cipher

Hardware based key loggers

Out in the open!!

Firmware based: Software is loaded into the BIOS to keep track of keystrokes.

Keyboard Hardware: A hardware device is attached between the keyboard and the main system to record all that is typed on the keyboard.

Page 15: D-Cipher

This explains…

Page 16: D-Cipher

Magnitude and type of damage

A software key logger can be installed remotely and can send the logged information back to a particular IP address or e-mail address, or can broadcast the data by different methods so that it reaches the hacker without being traced.

Hardware key loggers generally contain memory in which they store the logged information. This requires physical access to the system, which is risky.

Page 17: D-Cipher

Once the hacker obtains the clear text, he can easily trace down the passwords and IDs of the target user, and hence can steal or modify data and cause loss to the target.

Page 18: D-Cipher

Counter Measures

• Using a good antivirus or anti-spyware
• Using a KEY SCRAMBLER: This is very useful as it encrypts the information that is typed on the keyboard. In this way, even if the hacker plants spyware, he will have nothing but a computer code to decipher.
• Using an ANTILOGGER: This is also a good method to fight key loggers. These are programs that detect key loggers by their behavior and report them to the user.

Page 19: D-Cipher

Now you know you are Safe!!