Unit 4 - EH
Uploaded by
anakinalt9Unit 4 - EH
Uploaded by
anakinalt9lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
4. SYSTEM HACKING
Hacking Web Servers - Web Application Components - Vulnerabilities - Tools for Web Attackers and
Security Testers - Hacking Wireless Networks - Components of a Wireless Network - Wardriving -
Wireless Hacking - Tools of the Trade.
HACKING WEB SERVERS:
Many organizations develop web-based applications, which their users can use to interact with
them. But improper configuration and poorly written codes in web servers are a threat and can be used to
gain unauthorized access to the servers' sensitive data.
Web Server:
Web servers are hardware, computer, or software used to host websites. Web servers run on
various operating systems connected to the back-end database and run various applications. The use of
Web servers has increased as most online services are implemented as web applications. Web servers are
mostly used in web hosting or the hosting of data for websites and web applications.
Working of Web Server:
Fig 4.1 Working of Web Server
A web server can be accessed through a websites' domain name. It ensures delivering the site's
content to the requesting user by using Hypertext Transfer Protocol (HTTP). A Web server can be
considered to be a hardware that is used to store or host the Web server's software and files related to
websites. So a web server can be used to indicate the hardware or software or both together. It is used in
the transfer of files, email communications, and for many other purposes. Web servers are so powerful that
they can efficiently deliver the same file or any other file to thousands of website visitors simultaneously.
MCE CSE Page 1
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
Web Server security issues:
Web Servers may be vulnerable to network-level attacks and operating system attacks. Web
Server as a hardware is used to store Web server software and files related to websites such as images,
scripts, etc. Usually, an attacker will target vulnerabilities in the configuration of the web server and
exploit it. Some Vulnerabilities may include,
• Inappropriate permissions of the directory
• Lack of security
• Bugs
• Misconfigured SSL certificates
• Enables unnecessary services
• Default setup
Web Server attacks:
Web server attacks include many techniques. Some of the attacks faced by the web servers are as
follows,
✓ DoS / DDoS - Denial of Service / Distributed Denial of Service, where an attacker attacks by
sending numerous service request packets overwhelming the servicing capability of the web server, resulting
in crashing and unavailability for the users.
✓ DNS Server Hijacking - DNS Server Hijacking, is also known as DNS redirection, where an
attacker modifies DNS configurations. DNS redirection’s primary use is pharming, where attackers display
unwanted ads to generate some revenue, and phishing, where attackers show fake websites to steal credentials.
✓ DNS Amplification Attack - A DNS amplification attack happens when an attacker spoofs the
lookup request to the DNS server with the DNS recursive method. The size of the requests results in a
Denial of Service attack.
✓ Directory Traversal Attacks - Directory traversal, also is known as Path Traversal, is an HTTP
attack that allows attackers to access restricted directories and reveal sensitive information about the system
using dot and slash sequences.
✓ Man in the Middle attack - A Man in the Middle / Sniffing attack happens when an attacker
positions himself between a user and the application to sniff the packets. The attacker’s goal is to steal
sensitive information such as login credentials, credit card details, etc.
✓ Phishing attacks - A Phishing attack is a social engineering attack to obtain sensitive, confidential
information such as user names, passwords, credit card numbers, etc. It is a practice of fraudulent attempts
MCE CSE Page 2
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
that appear to come from a reputable source. Scammers mostly use emails and text messages to trick one in a
phishing attack.
✓ Website Defacement - Website Defacement is an attack where an attacker changes the website / web
page’s visual appearance with their messages. SQL injection attack is mainly used in web defacement. An
attacker can add SQL strings to craft a query maliciously and exploit the web server.
✓ Web Server Misconfiguration - Web Server Misconfiguration is when unnecessary services are
enabled, and default configurations are being used. The attacker may identify weakness in terms of remote
functions or default certifications, and can exploit them. An attacker can easily compromise systems by some
attacks such as SQL injection, command injection.
✓ HTTP Response splitting attacks - HTTP response splitting is a straightforward attack when the
attacker sends a splitting request to the server, which results in the splitting of a response into two responses
by the server. The second response is in the hand of the attacker and is easily redirected to the malicious
website.
✓ Web Cache Poisoning - A web cache is an information technology for storing web documents such
as web pages, passwords and images temporarily. Web Cache Poisoning is a technique where the attacker
sends fake entry requests to the server, wipes out all the server’s actual caches and redirects the user to the
malicious website.
✓ SSH Brute Force Attacks - Brute force is where an attacker uses trial and error to guess login
information by submitting many passwords or paraphrases. In an SSH (Secure Shell / Secure Socket Shell)
Brute force attack, the intruder brute forces the SSH tunnel to use an encrypted tunnel. The encrypted tunnel
is for communicating between the hosts. Hence, the attacker gains unauthorized access to the tunnel.
✓ Web Server Password Cracking Attacks - In this attack, the attacker cracks the server password and
uses it to perform more attacks. Some of the common password cracking tools are Hydra, John the Ripper,
Hashcat, Aircrack, etc.
Hacking methodology:
1. Information gathering:
Information Gathering is a process of gathering different information about the victim / target by
using various platforms such as Social engineering, internet surfing, etc.
✓ Footprinting - Footprinting is a crucial phase where an attacker may use different tools to
gather information about the target. In this phase, an attacker uses passive methods to find information
MCE CSE Page 3
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
about the victim before performing an attack. The attacker keeps minimum interactions with the victim to
avoid detection and alerting the target of the attack. Footprinting can quickly reveal the vulnerabilities of
the target system and can exploit them. There are various methods to gather information such as Whois,
Google Searching, Operating system detection, network enumeration, etc.
• Web server Footprinting - In web server fotprinting, information is gathered
using some specific tools that are focused on web servers such as Maltego, httprecon, Nessus, etc.
resulting in details like operating system, running services, type, applications, etc.
2. Vulnerability Scanning:
Vulnerability scanning is the next process taken after performing footprinting to precisely target
the attack. A vulnerability scanner is a computer program made to discover system weaknesses in
computers and networks. Some methods used in vulnerability scanning are port scanning, OS detection,
network services, etc. Common tools used for scanning are Nmap, Nikto, Nessus, and many more.
3. Session Hijacking:
Session Hijacking / cookie hijacking is an exploitation of the web session. In this attack, the
attacker takes over the users' sessions to gain unauthorized access to get information about its
services. Session hijacking mostly applies to web applications and browser sessions.
The attacker needs to know the Session-Id (session key) to perform session hijacking successfully.
It can be obtained by stealing the session or just by clicking on some malicious links provided by the
attacker. Once the attacker gets the key, he can take over the session using just the same session key, and
the server will now treat the attacker's connection as the initial session.
4. Password attacks:
Password cracking is a method of extracting passwords to gain authorized access to the legitimate
user's target system. Password cracking can be performed using social engineering attack, dictionary attack,
or password guessing or stealing the stored information that can help obtain passwords that give access to
the system.
Web Server Attack Tools:
✓ Metasploit - This is an open source tool for developing, testing and using exploit code. It can be used
to discover vulnerabilities in web servers and write exploits that can be used to compromise the server.
✓ MPack - This is a web exploitation tool. It was written in PHP and is backed by MySQL as the
database engine. Once a web server has been compromised using MPack, all traffic to it is redirected to
malicious download websites.
MCE CSE Page 4
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ Zeus - This tool can be used to turn a compromised computer into a bot or zombie. A bot is a
compromised computer which is used to perform internet-based attacks. A botnet is a collection of
compromised computers. The botnet can then be used in a denial of service attack or sending spam mails.
✓ Neosplit - This tool can be used to install programs, delete programs, replicating it, etc.
Case Study - GitHub DDoS Attack:
Among the biggest web server attacks was the breach of GitHub in 2018. GitHub is the most
popular online code management service used by millions of developers. On February 28, 2018 it was
hit by the largest ever DDoS attack. The platform was not prepared for the massive influx of traffic, which
peaked at a record-breaking 1.3 terabits per second.
In this attack, there was no involvement of botnets, but instead, attackers used a method called
mem caching, a caching system used to speed up websites and networks. The attackers could spoof
GitHub’s IP address and then massively amplify the traffic levels directed at the platform. Luckily,
within 10 minutes of the attack the company could contain and stop the attack from continuing as the
company was using a DDoS Protection Service.
Defensive measures to protect Web Server:
For securing a web server from internal and external attacks or any other threat, the essential
recommendation is to keep it in a secure zone. Security devices like firewalls, IDS and IPS must be
deployed. Maintaining the servers in an isolated environment protects them from other threats.
Website Change Detection System is a technique used to detect any unexpected activity or
changes in the Web server. Scripting is focused on inspecting any modifications made in the files used to
detect hacking attempts.
To defend a web server from attack, do ensure that services on the web server are minimized.
Disable all unnecessary and insecure ports. Always allow encrypted traffic only. Disable tracking.
Continuously monitor your traffic to ensure there is no unauthorized activity. Use Port 443 HTTPS over
80 HTTP to secure web browser communication.
MCE CSE Page 5
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
Fig 4.2 Protecting Web Server
WEB APPLICATION COMPONENTS:
A web application is software that runs in a web browser. Businesses have to exchange information
and deliver services remotely. They use web applications to connect with customers conveniently and
securely. The most common website features like shopping carts, product search and filtering, instant
messaging, and social media newsfeeds are web applications in their design. They allow one to access
complex functionality without installing or configuring software.
Common Web application functions:
Web application have been created to perform practically every useful function one could possibly
implement online. Some of the web application functions that have risen to prominence in recent years are as
follows,
✓ Shopping (Amazon)
✓ Social networking (Facebook)
✓ Banking (Citibank)
✓ Web search (Google)
✓ Auctions (eBay)
✓ Gambling (Betfair)
✓ Web logs (Blogger)
✓ Web mail (Gmail)
✓ Interactive information (Wikipedia)
MCE CSE Page 6
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
Benefits of Web applications:
✓ HTTP, the core communications protocol used to access the World Wide Web, is lightweight and
connectionless. This provides resilience in the event of communication errors and avoids the need for the case
in many legacy client / server applications. HTTP can also be proxied and tunneled over other protocols,
allowing for secure communication in any network configuration.
✓ Every web user already has a browser installed on their computers and mobile devices. Web
applications deploy their user interface dynamically to the browser, avoiding the need to distribute and
manage separate client software, as was the case with pre-web applications. Changes to the interface need to
be implemented only once, on the server, and take effect immediately.
✓ Today’s browsers are highly functional, enabling rich and satisfying user interfaces to be built.
Web interfaces use standard navigational and input controls that are immediately familiar to users, avoiding
the need to learn how each individual application functions. Client-side scripting enables applications to push
part of their client side, and browsers’ capabilities can be extended in arbitrary ways using browser extension
technologies where necessary.
✓ The core technologies and languages used to develop web applications are relatively simple. A
wide range of platforms and development tools are available to facilitate the development of powerful
applications by relative beginners, and a large quantity of open source code and other resources is available
for incorporation into custom-built applications.
Web Application Security:
As with any new class of technology, web application has brought with them a new range of
security vulnerabilities. The set of most commonly encountered defects has evolved over time. New attacks
have been conceived that were not considered when existing applications were developed. Some problems
have become less prevalent as awareness of them has increased. New technologies have been developed that
have introduced new possibilities for exploitation. Some categories of flaws have largely gone away as the
result of changes made to web browser software.
The most serious attacks against web applications are those that expose sensitive data or gain
unrestricted access to the back-end systems on which the application is running. High-profile compromises of
this kind continue to occur frequently. For many organizations, however, any attack that causes system
MCE CSE Page 7
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
downtime is a critical event. Application-level denial-of-service attacks can be used to achieve the same
MCE CSE Page 8
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
results as traditional resource exhaustion attacks against infrastructure. However, they are often used with
subtler techniques and objectives. They may be used to disrupt a particular user or service to gain a
competitive edge against peers in the realms of financial trading, gaming, online bidding, and ticket
reservations.
Components of Web Application:
All web-based applications have three primary components: A web browser (or client), a web
application server, and a database server.
✓ Web browser - A web browser is an application for accessing websites. When a user requests
a web page from a particular website, the browser retrieves its files from a web server and then displays the
page on the user's screen.
✓ Web application server - A web application server is a server that hosts applications or
software that delivers an application through a communication protocol.
✓ Database server - A database server is a machine running database software dedicated to
providing database services.
Web-based applications rely on a database server, which provides the data for the application. The
database server sometimes also provides business logic in the form of stored procedures. Stored procedures
can offer significant performance advantages.
The clients handle the presentation logic, which controls the way in which users interact with the
application. In some cases, the client validates user-provided input. Web applications sometimes integrate
Java applets into the client-side logic to improve the presentation layer.
✓ Applet - A Java program that is part of a Hypertext Markup Language (HTML) page.
(HTML is the standard method for presenting web data to users.) They are loaded when the HTML page is
processed.
Web application servers manage the business logic. The business logic is typically written in Java. The
web application server can manage requests from a variety of remote clients. The web application layer might
include Java Server Pages (JSP) files, Java servlets, Enterprise Java Beans (EJB) components, or web
services.
MCE CSE Page 9
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ JSP - A technology that provides a consistent way to extend web server functionality and create
dynamic web content. The web applications that one develops with JSP technology are server and platform
independent.
✓ Servlet - A Java program that responds to client requests and generates responses dynamically.
✓ EJB - A component architecture for building distributed applications with the Java programming
model. Server transactional components are reusable and provide portability across application servers.
✓ Web services - Self-contained, modular applications that provide an interface between the
provider and the consumer of application resources.
VULNERABILITIES:
Some of the common vulnerabilities discovered in web applications are as follows,
✓ Broken authentication - This category of vulnerability encompasses various defects within the
application’s login mechanism, which may enable an attacker to guess weak passwords, launch a a brute-
force attack, or bypass the login.
✓ Broken access controls - This involves cases where the application fails to properly protect access
to its data and functionality, potentially enabling an attacker to view other users’ sensitive data held on the
server or carry out privileged actions.
Fig 4.3 The incidence of some common web application vulnerabilities
MCE CSE Page 10
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ SQL injection - This vulnerability enables an attacker to submit crafted input to interfere with the
application’s interaction with back-end databases. An attacker may be able to retrieve arbitrary data from
the application, interfere with its logic, or execute commands on the database server itself.
✓ Cross-site scripting - This vulnerability enables an attacker to target other users of the application,
potentially gaining access to their data, performing unauthorized actions on their behalf, or carrying out
other attacks against them.
✓ Information leakage - This involves cases where an application divulges sensitive information
that is of use to an attacker in developing an assault against the application, through defective error
handling or other behaviour.
✓ Cross-site request forgery - This flaw means that application users can be induced to perform
unintended actions on the application within their user context and privilege level. The vulnerability allows
a malicious web site visited by the victim user to interact with the application to perform actions that the
user did not intend.
SSL (Secure Socket Layer) is an excellent technology that protects the confidentiality and
integrity of data in transit between the user’s browser and the web server. It helps defend against
eavesdroppers, and it can provide assurance to the users of the identity of the web server they are dealing
with. But it does not stop attacks that directly target the server or client components of an application, as
most successful attacks do.
Key problem factors:
The core security problem faced by web applications arises in any situation where an application
must accept and process untrusted data that maybe malicious.
✓ Underdeveloped Security Awareness - Although awareness of web application security issues
has grown in recent years, it remains less well-developed than in longer-established areas such as networks
and operating systems. A web application developer’s work increasingly involves weaving together tens, or
even hundreds, of third-party packages, all designed to abstract the developer away from the underlying
technologies.
✓ Custom development - Most web applications are developed in-house by an organization’s own
staff or third-party contractors. Even where an application employs well-established components, these are
typically customized or bolted together using new code. In this situation, every application is different and
may contain its own unique defects. This stands in contrast to a typical infrastructure deployment, in which
an organization can purchase a best-of-breed product and install it in line with industry-standard guidelines.
MCE CSE Page 11
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ Deceptive Simplicity - With today’s web application platforms and development tools, it is
possible for a novice programmer to create a powerful application from scratch in a short period of time.
But there is a huge difference between producing code that is functional and code that is secure. Many web
applications are created by well-meaning individuals who simply lack the knowledge and experience to
identify where security problems may arise. A prominent trend in recent years has been the use of
application frameworks that provide ready-made code components to handle numerous common areas of
functionality, such as authentication, page templates, message boards, and integration with common
back-end infrastructure components. Examples of these frameworks include Liferay and Appfuse. These
products make it quick and easy to create working applications without requiring a technical understanding
of how the applications work or the potential risks they may contain.
✓ Rapidly evolving Threat Profile - Research into web application attacks and defences continues
to be a thriving area in which new concepts and threats are conceived at a faster rate than is now the case
for older technologies. Particularly on the client side, it is common for the accepted defences against a
particular attack to be undermined by research that demonstrates a new attack technique. A development
team that begins a project with a complete knowledge of current threats may have lost this status by the
time the application is completed and deployed.
✓ Resource and Time constraints - Most web application development projects are subject to strict
constraints on time and resources, arising from the economics of in-house, one-off development. In most
organizations, it is often infeasible to employ dedicated security expertise in the design or development
teams. And due to project slippage, security testing by specialists is often left until very late in the project’s
life cycle. In the balancing of competing priorities, the need to produce a stable and functional application
by a deadline normally overrides less tangible security considerations. A typical small organization may be
willing to pay for only a few man-days of consulting time to evaluate a new application. A quick
penetration test will often find the low-hanging fruit, but it may miss subtler vulnerabilities that require time
and patience to identify.
✓ Overextended Technologies - Many of the core technologies employed in web applications began
life when the landscape of the World Wide Web was very different. They have since been pushed far
beyond the purposes for which they were originally conceived. As the expectations placed on web
application functionality have rapidly evolved, the technologies used to implement this functionality have
lagged behind the curve, with old technologies stretched and adapted to meet new requirements.
Unsurprisingly, this has led to security vulnerabilities as unforeseen side effects emerge.
MCE CSE Page 12
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ Increasing demands on Functionality - Applications are designed primarily with functionality
and usability in mind. Once-static user profiles now contain social networking features, allowing uploading
of pictures and wiki-style editing of pages. A few years ago an application designer may have been content
with implementing a user name and password challenge to create the login functionality. Modern sites may
include password recovery, user name recovery, password hints, and an option to remember the user name
and password on future visits. Such a site would undoubtedly be promoted as having numerous security
features, yet each one is really a self-service feature adding to the site’s attack surface.
TOOLS FOR WEB ATTACKERS AND SECURITY TESTERS:
A web attacker targets vulnerabilities in websites to gain unauthorized access, obtain confidential
information, introduce malicious content, or alter the website's content. A security tester works to ensure the
security of computer networks and systems. Their duties are to gather information and make assessments of
computer security systems for a client or employer. They perform scans, look for vulnerabilities in
applications, and locate other risks. Some of the open source security testing tools for checking how secure a
website or web application is listed as follows,
1. Zed Attack Proxy (ZAP):
Developed by OWASP (Open Web Application Security Project), ZAP or Zed Attack Proxy is a
multi-platform, open-source web application security testing tool. ZAP is used for finding a number of
security vulnerabilities in a web application during the development as well as the testing phase. The
security testing tool supports command-line access for advanced users. ZAP is written in Java. Other than its
use as a scanner, ZAP can also be used to intercept a proxy for manually testing a web page. ZAP exposes
Application error disclosure, Private IP disclosure, Session ID in URL rewrite, SQL injection, XSS injection.
2. Wfuzz:
Developed in Python, Wfuzz is used for brute-forcing web applications. The open-source security
testing tool has no GUI interface and is usable only via command line. Vulnerabilities exposed by Wfuzz are
LDAP injection, SQL injection, XSS injection.
3. Wapiti:
Wapiti is a free of cost, open source project from SourceForge and devloop. In order to check web
applications for security vulnerabilities, Wapiti performs black box testing. It is usable via command-line. For
checking whether a script is vulnerable or not, Wapiti injects payloads. The open source security testing tool
provides support for both GET and POSTHTTP attack methods. Vulnerabilities exposed by Wapiti are
MCE CSE Page 13
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
Command execution detection, Database injection, file disclosure, Shellshock or Bash bug, SSRF (Server
Side Request Forgery), XSS injection.
4. W3af:
W3af is developed using Python. The tool allows testers to find over 200 types of security issues in
web applications including, Blind SQL injection, buffer overflow, cross-site scripting.
5. SQLMap:
Allowing automating the process of detecting and utilizing SQL injection vulnerability in a
website’s database, SQLMap is entirely free to use. The security testing tool comes with a powerful testing
engine, capable of supporting 6 types of SQL injection techniques namely Boolean-based blind, Error-based,
Out-of-band, Stacked queries, Time-based blind, UNION query.
6. SonarQube:
In addition to exposing vulnerabilities, SonarQube is used to measure the source code quality of a
web application. Despite being written in Java, SonarQube is able to carry out analysis of over 20
programming languages. Issues found by SonarQube are highlighted in either green or red light. While the
former represents low-risk vulnerabilities and issues, the latter corresponds to severe ones. For advanced
users access via command prompt is available. Some of the vulnerabilities exposed by SonarQube include,
Cross-site scripting, Denial of Service (DoS) attacks, HTTP response splitting, Memory corruption, SQL
injection.
7. Nogotofail:
A network traffic security testing tool from Google. Nogotofail is a lightweight application that is
able to detect TLS / SSL vulnerabilities and misconfiguration. Vulnerabilities exposed by Nogotofail are
MitM attacks, SSL certificate verification issues, SSL injection, TLS (Transport Layer Security) injection.
8. Iron Wasp:
An open-source, powerful scanning tool, Iron Wasp is able to uncover over 25 types of web
application vulnerabilities. Additionally, it can also detect false positives and false negatives. Iron Wasp
assists in exposing a wide variety of vulnerabilities, including broken authentication, Cross-site scripting,
Cross-Site Request Forgery (CSRF), hidden parameters, privilege escalation.
9. Grabber:
The portable Grabber is designed to scan web applications, including forums and personal websites.
The lightweight security testing tool has no GUI interface and is written in Python. Vulnerabilities uncovered
by Grabber includes, backup files verification, Cross-site scripting, file inclusion, SQL injection.
MCE CSE Page 14
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
10. Arachni:
Apt for both penetration testers and administrators. Arachni is designed to identify security issues
within a web application. The open source security testing tool is capable of uncovering a number of
vulnerabilities, including invalidated redirect, local and remote file inclusion, SQL injection, XSS injection.
11. Invicti:
Invicti is a web vulnerability management system. It is an automatic, deadly accurate and easy-to-use
web application security scanner. It is used to automatically identify security issues such as Cross-Site
Scripting (XSS) and in websites, web applications, and web services. It is Proof-based scanning technology,
doesn’t just report vulnerabilities, it also produces a proof of Concept to confirm they are not false positives.
12. Acunetix:
Acunetix is an easy yet powerful solution to secure a website, web applications and APIs. It detects
over 4500 web vulnerabilities such as Cross Site Scripting (XSS), SQL injection, etc. It runs on Windows,
Linux and Online.
13. Vega:
Vega is a free and open source web security scanner and web security testing platform to test the
security of web applications. It is written in Java and has a well-designed Graphical User Interface (GUI)
runs on Linux and Windows. It exposes vulnerabilities including XSS injection, blind SQL injection, header
injection, remote file include, Shell injection.
14. Skipfish:
Skipfish is an active web application security testing tool. It prepares an interactive site-map for the
targeted site by carrying out a recursive crawl and dictionary-based probes. It is available for Linux, Mac OS
and Windows. Some of the security checks offered by Skipfish are, Server-side query injection, explicit SQL-
like syntax in GET or POST parameters, Server-side shell command injection, Server-side XML / XPath
injection.
15. Ratproxy:
Ratproxy is an open source security testing tool. It is a semi-automated, largely passive web
application security audit tool. Ratproxy assessments take little bandwidth or time to run and proceed in an
intuitive, distraction-free manner. It affords a consistent and predictable coverage of user-accessible features.
It is supported by operating systems such as MAC OS, Windows and Linux.
HACKING WIRELESS NETWORKS:
Wireless networks are computer networks that are not connected by cables of any kind. The use of
MCE CSE Page 15
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
a wireless network enables enterprises to avoid the costly process of introducing cables into buildings or as a
MCE CSE Page 16
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
connection between different equipment locations. Wireless networks use radio waves to connect devices. A
group of interconnected nodes that exchange information and share resources through a wireless transmission
medium.
A wireless network refers to any type of computer network that is wireless and is commonly
associated with a telecommunications network whose interconnections between nodes are implemented
without the use of wires. Wireless telecommunications networks are generally implemented with some type of
remote information transmission system that uses electromagnetic waves such as radio waves for the carrier.
The devices in a wireless network have the freedom to be in motion, but be in connection with the
network and share data with other devices in the network. One of the most crucial point that they are so spread
is that their installation cost is very cheap and fast than the wire networks. There are four main types of
wireless networks,
✓ Wireless Local Area Network (LAN): Links two or more devices using a wireless distribution
method, providing a connection through access points to the wider Internet.
✓ Wireless Metropolitan Area Networks (MAN): Connects several wireless LANs.
✓ Wireless Wide Area Network (WAN): Covers large areas such as neighbouring towns and cities.
✓ Wireless Personal Area Network (PAN): Interconnects devices in a short span, generally within
a person’s reach.
Fig 4.4 Types of Wireless networks
MCE CSE Page 17
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
Wireless networks are widely used and it is quite easy to set them up. They use IEEE
802.11 standards. A wireless router is the most important device in a wireless network that connects the users
with the Internet.
Fig 4.5 A wireless network
A wireless network has Access Points which are extensions of wireless ranges that behave as logical
switches. Although wireless networks offer great flexibility, they have their security problems.
A hacker can sniff the network packets without having to be in the same building where the network is
located. As wireless networks communicate through radio waves, a hacker can easily sniff the network from a
nearby location.
Most attackers use network sniffing to find the SSID (Service Set Identifier) and hack a wireless
network. When wireless cards are converted in sniffing modes, they are called monitor mode.
WEP and WPA:
WEP and WPA are the two main security protocols used in Wireless LAN. WEP or Wired
Equivalent Privacy, is a deprecated security protocol that was introduced back in 1997. However, it was
weak, and several serious weaknesses were found in the protocol.
A new Wi-Fi security protocol was introduced in 2003. This new protocol was Wi-Fi Protected
Access (WPA). While most routers currently use WPA or WPA2, a third version called WPA3 was certified a
few years ago and is designed to replace the existing protocols.
To get unauthorized access to a network, one needs to crack these security protocols. Many tools can
crack Wireless encryption. These tools can either take advantage of WEP weaknesses or use brute force
password guessing attacks on WPA/WPA2/WPA3.
MCE CSE Page 18
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
Tools for Wireless Network Hacking:
Wireless hacking tools are of two types. One can be used to sniff the network and monitor what is
happening in the network. The other kind of tool is used to hack WEP/WPA keys. These are the popular tools
used for wireless password cracking and network troubleshooting.
✓ Aircrack-ng - Aircrack-ng is one of the most popular wireless password cracking tools that one
can use for WEP and WPA cracking. Aircrack-ng uses the best algorithms to recover wireless passwords by
capturing packets. Once enough packets have been gathered, it tries to recover the password. To make the
attack faster, it implements a standard FMS attack (Fluhrer, Mantin and Shamir attack, a type of cryptographic
attack that targets the WEP encryption protocol) with some optimizations.
✓ Wifite - Wifite is a Python script designed to simplify wireless security auditing. It runs existing
wireless hacking tools, eliminating the need to memorize and correctly use the different tools with their
various options. Wifite2 is a complete rewrite of the original Wifite tool. It is designed to work on the Kali
Linux and ParrotSec Linux distros. Before running Wifite, it is recommended to install their optional tools as
they are essential for running some of the supported attacks.
✓ Kismet - Kismet is a wireless network sniffer that works for Wi-Fi, Bluetooth, Software-
Defined Radio (SDR) and other wireless protocols. It passively collects packets being broadcast in its vicinity
and analyzes them to detect even hidden Wi-Fi networks. Kismet is supported on all operating systems (using
WSL on Windows) and is actively supported.
✓ Wifiphisher - Wifiphisher is a tool designed to perform man-in-the-middle attacks by
exploiting Wi-Fi association. By convincing wireless users to connect to the rogue access point, Wifiphisher
provides an attacker with the ability to intercept and monitor or modify their wireless traffic. Wifiphisher also
enables an attacker to launch web phishing attacks. These can be used to collect user credentials for third-
party sites or Wi-Fi network credentials. Additionally, Wifiphisher is designed to be modular, enabling
advanced users to write custom code to expand its capabilities.
✓ inSSIDer - InSSIDer is a popular Wi-Fi scanner for Microsoft Windows and OS X operating
systems. The inSSIDer wi-fi scanner can do various tasks, including finding open Wi-Fi access points,
tracking signal strength and saving logs with GPS records.
✓ Wireshark - Wireshark is the network protocol analyzer. It lets one check what is happening in
their network. One can capture packets live and inspect them at a high level or see the values of particular
fields within a packet. It runs on Windows, Linux, OS X, Solaris, FreeBSD and others. Wireshark is designed
to be user-friendly but has a great deal of functionality under the hood.
MCE CSE Page 19
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ CoWPAtty - CoWPAtty is an automated dictionary attack tool for WPA-PSK (Wi-Fi
Protected Access Pre-Shared Key). It runs on Linux OS. This program has a command-line interface and runs
on a word list that contains the password to use in the attack. Using the tool is simple, but it is slow. That’s
because the hash uses PBKDF2 with 4096 iterations to generate a potential passphrase from a network SSID
and password. Since each calculation of PBKDF takes time, this makes a brute force password guessing
attack very slow. However, CoWPAtty does have a rainbow table designed to mitigate this issue. Since many
routers have common SSIDs, pre-computed tables have been generated for these SSIDs and common
passwords. If the target network is one of these, testing it against the precomputed dictionary is much faster.
✓ AirJack - AirJack is a Wi-Fi 802.11 packet injection tool. This wireless cracking tool is very
useful in injecting forged packets and taking a network down via a denial of service attack. This tool can
also be used for a man-in-the-middle attack on the network.
✓ Airgeddon - Airgeddon is designed to be an all-in-one tool for security analysis of wireless
networks. To accomplish this, it integrates several existing tools and provides a single command-line interface
for all of them. This helps to reduce the complexity of performing Wi-Fi security audits because Airgeddon’s
CLI (Command Line Interface) walks one through the process and handles interactions with all of the
underlying tools.
✓ OmniPeek - OmniPeek is another nice packet sniffer and network analyzer tool. This tool is
commercial and supports only Windows operating systems. This tool is intended to be an all-in-one Wi-Fi
network management solution and includes packet capture, protocol decoding, network diagnostics and
troubleshooting and even playback and analysis of voice and video traffic for diagnostic purposes.
✓ CommonView for WiFi - CommView for WiFi is another popular wireless monitor and packet
analyzer tool. It comes with an easy-to-understand GUI (Graphical User Interface). It captures every packet
and displays useful information as a list. One can get useful information like access points, stations, signal
strength, network connections and protocol distribution. Captured packets can be decrypted by user-defined
WEP or WPA keys. This tool is basically for Wi-Fi network admins, security professionals, home users who
want to monitor their Wi-Fi traffic and programmers working on software for wireless networks.
✓ CloudCracker - CloudCracker is an online password cracking tool for cracking WPA-protected
Wi-Fi networks. This tool can also be used to crack different password hashes. Just upload the handshake file,
enter the network name, and start the tool. This tool has a huge dictionary of around 300 million words to
perform attacks.
MCE CSE Page 20
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ Kali Linux NetHunter - Kali Linux NetHunter is a fully open-source Android penetration
platform that is designed to run on Nexus phones. In addition to Wi-Fi-focused tools, NetHunter also includes
a complete Kali Linux toolset.
COMPONENTS OF A WIRELESS NETWORK:
The basic components used by a wireless network are as follows,
1. Wireless Router:
Most modern wireless routers integrate a Wireless Access Point, Ethernet switch, and router into a
single device. This allows all three functions to be configured and managed through a single piece of
hardware and interface. A wireless router permits both wired and wireless devices to connect to the internet
via a cable, ADSL (Asymmetric Digital Subscriber Line) or DSL (Digital Subscriber Line) modem.
2. Wireless Access Points (WAP):
An access point is used to provide a wireless connection to the remaining wired LAN. It’s a small
box with one or multiple aerials. Some models look very similar to a wireless router. In some cases, the
functionality of a WAP and router, along with an Ethernet switch, are combined into a single device. Access
points have the capability of receiving and transmitting data to all the wireless devices in a particular area.
They can manage multiple connections between different devices working at once. However, too many
devices working with one access point will significantly slow down the operations. One or more access points
should be enough for covering a small building or office. However, factors such as range, and density and
structure of the walls and floors may reduce the signal strength.
3. Wireless Network Interface Card (NIC) or Wireless Adapter:
Wireless adapters come in several forms, the most common being either a USB (Universal Serial
Bus) or a PCI (Peripheral Component Interconnect) card. Wireless adapters connect a specific computing
device to the WLAN and receive and transmit radio waves. Most modern devices have an inbuilt wireless
adapter.
4. Wireless Bridge:
Wireless bridges operate to either improve the Wi-Fi network coverage or extend it. Their primary
purpose is to receive the existing Wi-Fi signal, relay the requests, and respond back and forth, between the
device and the main Wi-Fi router / access point. One can use a repeater to double the WLAN range. Wireless
bridges are available for a high-speed, long-range outdoor link to use between buildings. Twenty-five miles is
MCE CSE Page 21
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
their usual range. Railroads, water-bodies, or any physical obstacle doesn’t affect them as they’re based on
line-of-sight.
5. Wireless Controller:
Wireless controllers are used when a large number of access points (AP) are requires. Wireless
controllers provide a centralized Wi-Fi management function which manages all the access points in a campus.
Wireless controllers provide advanced features and management capabilities, such as centralized
authentication, access control, ability to restrict bandwidth by user or group, and Quality of Service (QoS) and
traffic prioritization.
6. Wireless repeaters:
Access points, which require interconnecting cabling, generally play a dominant role for providing
coverage in most wireless LAN deployments. Wireless repeaters, however, are a way to extend the range of
an existing wireless LAN instead of adding more access points. There are few standalone wireless LAN
repeaters, but some access points have a built-in repeater mode. A repeater simply regenerates a network
signal to extend the range of the existing network infrastructure. A wireless LAN repeater does not physically
connect by wire to any part of the network. Instead it receives radio signals from an access point, end-user
device, or another repeater; it retransmits that frames. This makes it possible for a repeater located between an
access point and distant user to act as a relay for frames travelling back and forth between the user and the
access point.
7. Wireless Antennae:
Most antennae for wireless LANs are omnidirectional and have low gain. Nearly all access points,
routers, and repeaters come standard with omnidirectional antennae. Omnidirectional antennae satisfy most
coverage requirements; however, consider the use of optional directive antennae to cover a long, narrow area.
Wireless Network Security:
Wireless networks can potentially be more at risk to an attack than traditional wired networks. As with
any security measure, wireless security aims to prevent the unauthorized access, or damage to the systems and
data, which use a wireless network. Potentially, malicious individuals can connect to a network or intercept
another’s connection. If an organization is using wireless technologies, it is crucial that security is built into
the wireless network.
MCE CSE Page 22
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
Security standards are continually developing. Choosing upgradeable hardware, ensuring employees
fully understand the criticality of cyber security, and using VPNs, will all contribute to improving wireless
networking security. The following steps should also be taken,
✓ Access to a wireless network should be password-protected. While most hardware allows this,
one should ensure that it is enabled.
✓ Most wireless networks employ some form of data encryption method. Always ensure that this
is enabled, in addition to resetting any default passwords.
✓ Strong passwords can be made by including letters, numbers and special characters. For
wireless networks, passwords which are longer than 10 characters should be used. Common words, names or
memorable dates should be avoided as passwords. Identify password security measures to ensure an
organization remains secure.
Addressing potential wireless network security issues:
✓ In the event an employee’s laptop, smartphone, or laptop is lost or stolen, revoking access
privileges associated with the user will help secure the network.
✓ Using a personal firewall software will help in limiting the data, a user would see in potentially
insecure locations, i.e., when accessing the network from a Wi-Fi hotspot.
✓ One can reinforce device security by using the in-built security and encryption options. The
steps to do this is typically found in the device user operating manuals. A crucial measure is to change any
default passwords.
✓ The use of anti-malware software will decrease the risk from known trojans, keystroke loggers
and other spyware.
✓ For employees that may need to access sensitive data on mobile devices, providing training will
ensure that they take the necessary measures to keep the devices and data secure.
WARDRIVING:
Wardriving is a hacking method in which a hacker uses hardware and software to find and gain access
to unsecure Wi-Fi networks. Hackers are able to gain access to unsecure networks by decrypting the wireless
router or cracking passwords using software. Then, the hacker can record these network locations in a process
called point mapping and can share this unauthorized information with websites and third-party applications.
While wardriving involves driving around an area in a vehicle to locate vulnerable networks, similar processes
can occur on foot or on bike. The hacking process is the same, but the term may vary based on the
MCE CSE Page 23
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
hacker’s mode of transportation (warbiking, warcycling, warjogging, warrailing, warwalking, wartrining,
warkitting, etc.). Warbiking or warcycling is similar to wardriving, but is done from a moving bicycle or
motorcycle. This practice is sometimes facilitated by mounting a Wi-Fi enabled device on the vehicle.
Warwalking or warjogging, is similar to wardriving, but is done on foot rather than from a moving vehicle.
Wardriving in cyber security is the act of looking for publicly accessible Wi-Fi networks, usually from
a moving vehicle, using a laptop or smartphone. Wardriving is sometimes also known as wireless network
mapping or access point mapping.
A common example of wardriving is Google’s Strret View, which involves cars recording footage for
interactive, online panoramas. Street View was used for wardriving by Google, which used equipment to
locate local-area networks (LANs), wireless hotspots, and home Wi-Fi networks.
Fig 4.6 Wardriving
Working of Wardriving:
✓ Equipment - A wardriver typically uses a laptop, smartphone, or a specialized device equipped with
Wi-Fi scanning capabilities. This device is often equipped with a wireless network adapter that can detect
nearby Wi-Fi signals.
✓ Scanning - The wardriver drives or walks around an area while their equipment actively scans for Wi-
Fi networks. The scanning software or app records information about each detected network, including its
SSID (Service Set Identifier, or network name), signal strength, encryption type, and sometimes GPS
coordinates.
✓ Database Creation - The collected data is often stored in a database, which can be used to create a
map of Wi-Fi networks in the area. Tools like WiGLE (Wireless Geographic Logging Engine) allow users to
contribute their data to a global database, creating a comprehensive map of Wi-Fi networks worldwide.
MCE CSE Page 24
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ Analysis - The wardriver can then analyze the collected data to identify potential vulnerabilities in the
networks. This might include networks with weak or no encryption, default or easily guessable passwords, or
other security issues.
✓ Exploitation - While some wardrivers engage in this activity for research or ethical hacking purposes,
others may use the information to gain unauthorized access to vulnerable networks for malicious purposes,
such as data theft or eavesdropping.
Components of Wardriving:
There are both software and hardware components required for wardriving. Attackers must utilize a
combination of tools to execute a wardriving attack.
1. Wardriving software:
There are numerous software applications that a hacker might use to help crack passwords and decrypt
network routers, including packet sniffers, signal strength testers, and traffic analyzers. Since wardriving
happens on the move, wardriving software is typically run on a laptop computer or a mobile device. After data
has been collected, an attacker may share the information they’ve gathered on public platforms or map
software. Various software applications are available for scanning and mapping nearby Wi-Fi networks. Some
softwares include,
✓ NetStumbler - A Windows based tool for finding wireless networks.
✓ Kismet - A versatile open-source network detector, packet sniffing, and intrusion detection system.
✓ inSSIDer - A Windows based Wi-Fi scanner that provides information about nearby networks,
including signal strength and channel usage.
✓ WiGLE - A populare online database and mapping service for wardriving enthusiasts.
2. Wardriving hardware:
A wardriving attack can be completed with generic hardware such as Raspberry Pi, a popular single-
board computer that has the ability to connect to GPS devices.
3. Wardriving antenna:
An antenna attached to a moving vehicle helps the hacker detect vulnerable networks running on 2.4
GHz radio frequency. Most antennas, including omnidirectional antennas, can detect networks from miles
away.
MCE CSE Page 25
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
4. Bluetooth wardriving:
Hackers can also use Bluetooth to detect vulnerable wireless networks, since Bluetooth also operates
on 2.4 GHz radio frequency. Bluetooth wardriving allows hackers to collect data shared from unsecure
devices.
Protecting against Wardriving attack:
A wardriving attack can leave any device connected to the home Wi-Fi network vulnerable to data
theft, which is why it’s essential to take steps to secure the home wireless network against attackers. The
following precautions need to be taken to keep the devices and data safe.
✓ Change the Wi-Fi password from the default password. When one purchases a wireless plan, the
router generally comes with a username and password. Taking the time to customize the username and create
a strong password makes it more difficult for hackers to infiltrate the network.
✓ Turn off the Wi-Fi router when not using it. A router that’s turned off can’t be hacked, if one is
going out of the day or not planning on using the internet for an extended period of time, it’s wise to power
off the router.
✓ Review the network settings to ensure that one is up to date with the latest security patches.
Security patches reinforce potential vulnerabilities to keep the network secure.
✓ Set up encryption on the router, so that users are only able to access the router by entering the
correct password.
✓ Put up a firewall for an added level of security. A firewall will monitor requests for access and
block unauthorized activity.
By keeping the network security updated and taking basic safety precautions, one can protect the
home wireless against becoming a target of a wardriving attack. From identity theft to financial loss,
wardriving attacks can have harsh results for those that leave themselves and their personable data vulnerable
to hackers.
Pros of Wardriving:
✓ Network Mapping - Wardriving can help create comprehensive maps of Wi-Fi network coverage
in an area. This information can be useful for network administrators, ISPs (Internet Service Prvider), and
individuals looking for Wi-Fi hotspots.
✓ Troubleshooting - It can be used for troubleshooting network issues, such as identifying
interference sources, dead spots, or unauthorized access points on a corporate network.
MCE CSE Page 26
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ Security Awareness - Wardriving can raise awareness about Wi-Fi network security
vulnerabilities. By identifying open or poorly secured networks, individuals and organizations can take steps
to improve their security.
✓ Research and Analysis - Researchers and security professionals can use wardriving data to
analyze trends, study wireless technology adoption, and assess the security of Wi-Fi networks on a larger
scale.
✓ Community Projects - Some wardriving enthusiasts contribute data to community-driven projects
like WiGLE, which aims to create a global map of Wi-Fi networks.
Cons of Wardriving:
✓ Privacy Invasion - Wardriving can be seen as an invasion of privacy because it involves scanning
and potentially accessing private Wi-Fi networks without consent. This can lead to ethical and legal issues.
✓ Security Risks - Wardriving can be used for malicious purposes, such as identifying vulnerable
networks for unauthorized access or launching attacks like "evil twin" or "man-in-the-middle" attacks.
✓ Legal Issues - Unauthorized access to computer networks, including Wi-Fi networks, is illegal in
many jurisdictions. Wardrivers may unknowingly violate the law, resulting in legal consequences.
✓ Misuse of Data - Data collected during wardriving can be misused if it falls into the wrong hands.
Personal information, network configurations, and security weaknesses can be exploited for nefarious
purposes.
✓ Resource Intensive - Wardriving can be time-consuming and may require specialized equipment,
making it resource-intensive. It may also involve driving around, consuming fuel and contributing to
environmental concerns.
✓ Outdated Information - Wardriving data can become outdated quickly, as new networks are
established, existing ones’ change, or security measures are improved.
WIRELESS HACKING:
If an attacker has access to the network connection, then they can easily sniff the network packets
from a nearby location. They use sniffing to find the SSID and hack wireless networks. They then monitor the
devices connected to the same network SSID.
Wireless Hacking Techniques:
A typical hacker attack is not a simple, one-step procedure. It is rare that a hacker can get online or
dial up on a remote computer and use only one method to gain full access. It is more likely that the attacker
MCE CSE Page 27
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
will need several techniques used in combination to bypass the many layers of protection standing between
MCE CSE Page 28
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
them and root administrative access. Therefore, as a security consultant or network administrator, one should
be well versed in these occult techniques in order to thwart them.
The following techniques are not specific to wireless networks. Each of these attacks can take
multiple forms, and many can be targeted against both wired and wireless networks.
1. Diverse Hacker Attack Methods:
Although computer skill is central to a hacker's profession, there are many additional facets that he
must master. In fact, if all one can do is point and click, he is a script kiddie, not a hacker. A real hacker must
also rely on physical and interpersonal skills such as social engineering and other "wet work" that involves
human interaction. However, because most people have a false stereotype of hackers, they fail to realize that
the person they are chatting with or talking to on the phone might in fact be a hacker in disguise. In fact, this
common misunderstanding is one of the hackers' greatest assets.
2. Social Engineering:
Social engineering refers to all techniques aimed at talking a target into revealing specific
information or performing a specific action for illegitimate reasons. It is a manipulation technique that
exploits human error to gain private information, access, or valuables. These “human hacking” scams tend to
lure unsuspecting users into exposing data, spreading malware infections, or giving access to restricted
systems.
3. The Virtual Probe:
A hacker often uses similar techniques like a scam artist. A popular method that hackers use is
pretending to be a survey company. A hacker can call and ask all kinds of questions about the network
operating systems, intrusion detection systems (IDSs), firewalls, and more in the guise of a researcher. If the
hacker was really malicious, he could even offer a cash reward for the time it took for the network
administrator to answer the questions. Unfortunately, most people fall for the bait and reveal sensitive
network information.
4. Lost Password:
One of the most common goals of a hacker is to obtain a valid user account and password. In fact,
sometimes this is the only way a hacker can bypass security measures. If a company uses firewalls, intrusion
MCE CSE Page 29
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
detection systems, and more, a hacker will need to borrow a real account until he can obtain root access and
MCE CSE Page 30
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
set up a new account for himself. However, to get this information, one of the easiest ways is to trick someone
into giving it to them. Then the hacker can connect from anywhere on the Internet and use an authorized
account to work his way deeper into the network.
5. Social Spying:
Social spying is the process of "using observation to acquire information." Although social
engineering can provide a hacker with crucial information, small businesses are better protected against social
engineering because many people in very small companies know each other.
6. Garbage Collecting:
Although one might consider a trash to be sacred territory that no one enters because it is dirty, the
trash of a company, is often a gold mine. Fishing through garbage to find passwords, also known as dumpster
diving, can provide a hacker with the crucial information needed to take over the network. In addition to
passwords, hackers can find memos, sensitive reports, diskettes, old hard drives, and more in the trash.
7. Sniffing:
A sniffer is a program and/or device that monitors all information passing through a computer
network. It sniffs the data passing through the network off the wire and determines where the data is going,
where it's coming from, and what it is. In addition to these basic functions, sniffers might have extra features
that enable them to filter a certain type of data, capture passwords, and more. Some sniffers can even rebuild
files sent across a network, such as an email or Web page.
A sniffer is one of the most important information gathering tools in a hacker's arsenal. The sniffer
gives the hacker a complete picture (network topology, IP addresses) of the data sent and received by the
computer or network it is monitoring. This data includes, but is not limited to, all email messages, passwords,
user names, and documents. With this information, a hacker can form a complete picture of the data travelling
on a network, as well as capture important bits of data that can help them gain complete control over a
network.
TOOLS OF THE TRADE:
Every organization interacts with different tools to protect itself from security threats. Ethical
Hacking tools are basically computer programs and scripts that can detect vulnerabilities in computer systems,
MCE CSE Page 31
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
servers web applications and networks.
MCE CSE Page 32
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
Hacking tools and software are computer programs or a complex type of script designed by the
developers that are used by hackers to know the weakness in computer OS, various web applications as well
as servers and networks. Employees, especially in banking sectors use hacking tools to secure their data from
attackers. Hacking tools are available either in open source form (freeware or shareware) or in commercial
solutions. One can also download such tools from the browser especially if someone wants to use them for
malicious purposes.
Ethical hacking tools are used by security professionals especially to get access to computer systems
in order to access the vulnerabilities in computer systems so that their security will improve. Security
professionals use hacking tools such as packet sniffers to intercept the network traffic, password crackers to
discover the passwords, port scanners to identify open ports on computers, etc. Though there is a variety of
hacking tools available in the market, one must keep in track, what should be its purpose.
The field of network administration is used to monitor the networks, manage firewalls, Intrusion
Detection Systems (IDS), VPNs (Virtual Private Network), anti-virus software, and anti-spam filters.
Significance of Hacking tools:
✓ It provides inside and outside security from the threats to end users.
✓ It is used to test the network security by finding loopholes in it and fixing them.
✓ One can also download ethical hacking software for their home network security from the open
source and secure it from threats.
✓ One can also get a vulnerability assessment to protect their network or system from external attacks.
✓ It is also used to audit the security of the company by ensuring that the computer system is running
smoothly with no issues.
Ethical Hacking Tools:
1. Invicti:
Invicti is a web application security scanner hacking tool to find SQL Injection, XSS, and
vulnerabilities in web applications or services automatically.
✓ It detects Dead accurate vulnerability with the help of unique Proof-Based Scanning Technology.
✓ It requires minimal configuration with a scalable solution.
✓ It automatically detects URL rewrite rules as well as custom 404 error pages.
MCE CSE Page 33
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ There is a REST API for seamless integration with the SDLC and bug tracking systems.
✓ It scans up to 1,000 plus web applications within just 24 hours.
2. Fortify WebInspect:
Fortify WebInspect is a hacking tool with comprehensive dynamic analysis security in automated
mode for complex web applications and services.
✓ It is used to identify security vulnerabilities by allowing it to test the dynamic behaviour of running
web applications.
✓ It can keep the scanning in control by getting relevant information and statistics.
✓ It provides Centralized Program Management, vulnerability trending, compliance management, and
risk oversight with the help of simultaneous crawl professional-level testing to novice security testers.
3. Cain and Abel:
Cain & Abel is an Operating System password recovery tool provided by Microsoft.
✓ It is used to recover the MS (Microsoft) Access passwords.
✓ It can be used in Sniffing networks.
✓ The password field can be uncovered.
✓ It Cracks encrypted passwords with the help of dictionary attacks, brute-force, and cryptanalysis
attacks.
4. Nmap (Network Mapper):
Nmap is mainly used for port scanning. It is primarily a command-line tool. Nmap is basically a
network security mapper capable of discovering services and hosts on a network, thereby creating a network
map. This software offers several features that help in probing computer networks, host discovery as well as
detection of operating systems. Being script extensible it provides advanced vulnerability detection and can
also adapt to network conditions such as congestion and latency while scanning.
5. Nessus:
Nessus is a well-known vulnerability scanner, which was designed by tenable network security. This
network-vulnerability scanner efficiently finds critical bugs on any given system. Nessus can detect the
following vulnerabilities,
✓ Unpatched services and misconfiguration.
✓ Weak passwords - default and common.
✓ Various system vulnerabilities.
MCE CSE Page 34
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
6. Nikito:
Nikto is a web scanner that scans and tests several web servers for identifying software that is
outdated, dangerous CGIs (Computer Generated Imaginary) or files, and other problems. It is capable of
performing server-specific as well as generic checks and prints by capturing the received cookies. It is a free,
open-source tool, which checks version-specific problems across 270 servers and identifies default programs
and files. Some of the features of Nikto hacking software are as follows,
✓ Open-source tool.
✓ Checks web servers and identifies over 6400 CGIs or files that are potentially dangerous.
✓ Checks servers for outdated versions as well as version-specific problems.
✓ Checks plug-inns and misconfigured files.
✓ Identifies insecure programs and files.
7. Kismet:
This is the best ethical hacking tool used for testing wireless networks and hacking of wireless LAN or
wardriving. It passively identifies networks and collects packets and detects non-beaconing and hidden
networks with the help of data traffic. Kismet is basically a sniffer and wireless-network detector that works
with other wireless cards and supports raw-monitoring mode. Some features of Kismet hacking software
include the following,
✓ Runs on Linux OS, which may be Ubuntu, backtrack, or more.
✓ Applicable to windows at times.
8. NetStumbler:
This is also an ethical hacking tool that is used to prevent wardriving, which works on operating
systems based on windows. It is capable of detecting IEEE 902.11g, 802, and 802.11b networks. A newer
version of this called MiniStumbler is now available. The NetStumbler ethical hacking software has the
following uses,
✓ Identifying AP (Access Point) network configuration.
✓ Finding causes of interference.
✓ Accessing the strength of signals received.
✓ Detecting unauthorized access points .
9. Acunetix:
This ethical hacking tool is fully automated, detecting and reporting on more than 4500 web
vulnerabilities, including every variant of XSS and SQL Injection. Acunetix fully supports JavaScript,
MCE CSE Page 35
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
HTML5, and single-page applications so one can audit complex authenticated applications. Basic features
include,
✓ Consolidated view.
✓ Integration of scanner results into other platforms and tools.
✓ Prioritizing risks based on data.
10. Netsparker:
If one wants a tool that mimics how hackers work, then they want Netsparker. This tool identifies
vulnerabilities in web APIs (Application Programming Interface) and web applications such as cross-site
scripting and SQL Injection. Features include,
✓ Available as an on-line service or Windows software.
✓ Uniquely verifies identified vulnerabilities, showing that they are genuine, not false positives.
✓ Saves time by eliminating the need for manual verification.
11. Intruder:
This tool is a completely automated scanner that searches for cybersecurity weaknesses, explains the
risks found, and helps address them. Intruder takes on much of the heavy lifting in vulnerability management
and offers over 9000 security checks. Features include,
✓ Identifies missing patches, misconfigurations, and common web application issues like cross-site
scripting and SQL Injection.
✓ Integrates with Slack, Jira, and major cloud providers.
✓ Prioritizes results based on context.
✓ Proactively scans systems for the latest vulnerabilities.
12. Nmap:
Nmap is an open-source security and port scanner, as well as a network exploration tool. It works
for single hosts and large networks alike. Cybersecurity experts can use Nmap for network inventory,
monitoring host and service uptime, and managing service upgrade schedules. The following are some of the
features,
✓ Offer binary packages for Windows, Linux, and Mac OS X.
✓ Contains a data transfer, redirection, and debugging tool.
✓ Results and GUI (Graphical User Interface) viewer.
MCE CSE Page 36
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
13. Metasploit:
The Metasploit Framework is open-source tool. Metasploit is geared towards penetration testing, and
ethical hackers can develop and execute exploit codes against remote targets. The features include,
✓ Cross-platform support.
✓ Ideal for finding security vulnerabilities.
✓ Great for creating evasion and anti-forensic tools.
14. Aircrack-Ng:
Aircrack-Ng offers ethical hackers an array of command-line tools that check and evaluate Wi-Fi
network security. Aircrack-Ng is dedicated to activities such as attacking, monitoring, testing, and cracking.
The tool supports Windows, OS X, Linux, eComStation, 2Free BSD, NetBSD, OpenBSD, and Solaris. Some
of the features include,
✓ Supports exporting data to text files.
✓ It can crack WEP keys and WPA2-PSK, and check Wi-Fi cards.
✓ Supports multiple platforms.
15. Wireshark:
Wireshark is a great hacking software for analyzing data packets and can also perform deep
inspections of a large number of established protocols. One can export analysis results to many different file
formats like CSV, PostScript, Plaintext, and XML. Some of the features include,
✓ Performs live captures and offline analysis.
✓ Cross-platform support.
✓ Allows colouring rules to packet lists to facilitate analysis.
✓ It’s free.
16. OpenVAS:
The Open Vulnerability Assessment Scanner is a fully featured tool performs authenticated and
unauthenticated testing and performance tuning. It is geared towards large-scale scans. OpenVAS has the
capabilities of various high and low-level Internet and industrial protocols, backed up by a robust internal
programming language.
17. SQLMap:
SQLMap is an open-source hacking software that automates detecting and exploiting SQL Injection
MCE CSE Page 37
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
flaws and taking control of database servers. One can use it to connect directly with specific databases.
MCE CSE Page 38
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
SQLMap completely supports a half-dozen SQL injection techniques (Boolean-based blind, error-based,
stacked queries, time-based blind, UNION query-based, and out-of-band). SQLMap’s features include,
✓ Powerful detection engine
✓ Supports executing arbitrary commands
✓ Supports MySQL, Oracle, PostgreSQL, and more.
18. Ettercap:
Ettercap is a free tool that is best suited for creating custom plug-ins. Some of the features include,
✓ Content filtering.
✓ Live connections sniffer.
✓ Network and host analysis.
✓ Active and passive dissection of a lot of protocols.
19. Maltego:
Maltego is a tool dedicated to link analysis and data mining. Maltego is best suited to working with
very large graphs. Its features include,
✓ Support for Windows, Linux, and Mac OS.
✓ Performs real-time information gathering and data mining.
✓ Displays results in easy-to-read graphics.
20. Burp Suite:
Burp Suite distinguishes itself as a web vulnerability scanner. Its features include,
✓ Scan scheduling and repeating.
✓ Uses out-of-band techniques.
✓ Offers CI integration.
21. John the Ripper:
This free tool is ideal for password cracking. It was created to detect weak UNIX passwords, and can
be used on DOS, Windows, and Open VMS. Some features include,
✓ Offers a customizable cracker and several different password crackers in one bundle.
✓ Performs dictionary attacks.
✓ Tests different encrypted passwords.
22. Angry IP Scanner:
This is a free tool for scanning IP addresses and ports. One can use this scanner on the Internet or local
MCE CSE Page 39
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
network, and supports Windows, MacOS, and Linux. Some of the features include,
MCE CSE Page 40
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ Can export results in different formats.
✓ Command-line interface tool.
✓ Extensible with lots of data fetchers.
23. SolarWinds Security Event Manager:
SolarWinds emphasizes computer security improvement, automatically detecting threats and
monitoring security policies. One can easily keep track of the log files and get instant alerts should anything
suspicious happen. Some of the features include,
✓ Built-in integrity monitoring.
✓ Intuitive dashboard and user interface.
✓ Recognized as one of the best SIEM tools, helping one to easily manage memory stick storage.
24. Traceroute NG:
Traceroute focuses on network path analysis. It can identify host names, packet loss, and IP addresses,
providing accurate analysis via command line interface. Some of the features include,
✓ Supports IP4 and IPV6.
✓ Detects path changes and alerts one about them.
✓ Permits continuous network probing.
25. LiveAction:
This tool is used in conjunction with LiveAction packet intelligence, it can diagnose network issues
more effectively and faster. Some of it’s features include,
✓ Easy to use workflow.
✓ Automates network’s automated data capture is fast enough to allow rapid response to security
alerts.
✓ It’s packet intelligence provides deep analyses.
✓ Onsite deployment for use in appliances.
26. QualysGuard:
QualysGuard lets businesses streamline their compliance and security solutions, incorporating security
into digital transformation initiatives. Some of the features include,
✓ Globally trusted online hacking tool.
✓ Scalable, end-to-end solution for all manner of IT security.
MCE CSE Page 41
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ Real-time data analysis.
✓ Responds to real-time threats.
27. WebInspect:
WebInspect is an automated dynamic testing tool that’s well-suited for ethical hacking operations. It
offers hackers a dynamic comprehensive analysis of complex web applications and services. It’s features
include,
✓ Lets users stay in control of scans through relevant statistics and information at a glance.
✓ Contains a variety of technologies suited for and level of tester, from novice to professional.
✓ Tests dynamic behaviour of web applications for the purpose of spotting security vulnerabilities.
28. Hashcat:
Password cracking is a big part of ethical hacking, and Hashcat is a robust cracking tool. It can help
ethical hackers audit password security, retrieve lost passwords, and discover the data stored in a hash.
Notable features include,
✓ Open source.
✓ Multiple platform support.
✓ Supports distributed cracking networks.
✓ Supports automatic performance tuning.
29. LophtCrack:
This is a password recovery and audit tool that can identify and assess password vulnerabilities over
local networks and machines.Some of the features include,
✓ Easily customizable.
✓ Fixes weak passwords issues by forcing a password reset or locking out accounts.
✓ Optimizes hardware courtesy of multicore and multi-GPU (Graphics Processing Unit) support.
30. Rainbow Crack:
It belongs to the password-cracking category. It employs rainbow tables to crack hashes, employing
a time-memory trade-off algorithm to accomplish it. It’s features include,
✓ Runs on Windows and Linux.
✓ Command-line and graphic user interfaces.
✓ Unified rainbow table file format.
MCE CSE Page 42
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
31. IKECrack:
IKECrack is an authentication cracking tool with the bonus of being open source. This tool is
designed to conduct dictionary or brute-force attacks. IKECrack enjoys a solid reputation for successfully
running cryptography tasks. Its features include,
✓ Strong emphasis on cryptography.
✓ Ideally suited for either commercial or personal use.
✓ Free.
32. Sboxr:
SBoxr is another open source hacking tool that emphasizes vulnerability testing. It has a favourable
reputation as a customizable tool that lets hackers create their own custom security scanners. Its main features
include,
✓ Easy to use and GUI-based.
✓ Supports Ruby and Python.
✓ Uses an effective, powerful scanning engine.
✓ Generates reports in RTF (Rich Text Format) and HTML (Hypertext Markup Language)
formats.
✓ Checks for over two dozen types of web vulnerabilities.
33. Medusa:
Medusa is one of the best online speedy, brute-force parallel password crackers tools out there for
ethical hackers.Some of it’s features include,
✓ Includes flexible user input which can be specified in many ways.
✓ Supports many services that allow remote authentication.
✓ One of the best tools for thread-based parallel testing and brute-force testing.
34. Cain and Abel:
Cain and Abel is a tool used to recover passwords for the Microsoft Operating System. It uncovers
password fields, sniffs networks, recovers MS Access passwords, and cracks encrypted passwords using
brute-force, dictionary, and cryptanalysis attacks.
35. Zenmap:
This open source application is the official Nmap Security Scanner software, and is multi-platform.
Zenmap is ideal for any level of experience, from newbies to experienced hackers.Some of it’s features
MCE CSE Page 43
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
include,
MCE CSE Page 44
Downloaded by Amutha Valli (amuthakucs@gmail.com)
lOMoARcPSD|57340829
CCS344 - ETHICAL HACKING UNIT 4 - SYSTEM HACKING
✓ Administrators can track new hosts or services that appear on their networks and track existing
downed services.
✓ Graphical and interactive results viewing.
✓ Can draw topology maps of discovered networks.
MCE CSE Page 45
Downloaded by Amutha Valli (amuthakucs@gmail.com)
You might also like
- CEH v12 Lesson 6 - Compromising Web ServersNo ratings yetCEH v12 Lesson 6 - Compromising Web Servers107 pages
- Green Publication,+Journal+Manager,+CS 6 2016 2No ratings yetGreen Publication,+Journal+Manager,+CS 6 2016 210 pages
- Name of The Faculty: Mrs.M.Akilandeeswari Subject Name & Code: Branch & Department: B.Tech & AI&DS Year & Semester: 2023 / VI Academic Year:2023-24No ratings yetName of The Faculty: Mrs.M.Akilandeeswari Subject Name & Code: Branch & Department: B.Tech & AI&DS Year & Semester: 2023 / VI Academic Year:2023-2416 pages
- Top Ten Web Attacks: Saumil Shah Net-SquareNo ratings yetTop Ten Web Attacks: Saumil Shah Net-Square46 pages
- Web Server Security and Survey On Web Application SecurityNo ratings yetWeb Server Security and Survey On Web Application Security6 pages
- CEHv8 Module 12 - Hacking Webservers PDFNo ratings yetCEHv8 Module 12 - Hacking Webservers PDF31 pages
- Module 05 Application and Web Security - HJNo ratings yetModule 05 Application and Web Security - HJ25 pages
- Introduction To Web Penetration TestingNo ratings yetIntroduction To Web Penetration Testing60 pages
- Typesofcyberattacks 150806095530 Lva1 App6892No ratings yetTypesofcyberattacks 150806095530 Lva1 App689217 pages
- Introduction To Ethical Hacking and Intrusion Prevention - 3No ratings yetIntroduction To Ethical Hacking and Intrusion Prevention - 319 pages
- Ethical Hacking Important Question and Answer According ChatgptNo ratings yetEthical Hacking Important Question and Answer According Chatgpt15 pages
- Cybersecuritybyajaydask 230102175458 D7aa4485No ratings yetCybersecuritybyajaydask 230102175458 D7aa448525 pages
- 22cs5201 - Theory of Computation - Question BankNo ratings yet22cs5201 - Theory of Computation - Question Bank12 pages
- 554098938-Millenium-Bank-Statement EPURENo ratings yet554098938-Millenium-Bank-Statement EPURE1 page
- ADMINISTRATIVE AND ELECTION LAWS - BarQsNo ratings yetADMINISTRATIVE AND ELECTION LAWS - BarQs16 pages
- Anthropology Edu Quarterly - 2008 - Hornberger - Bilingual Education Policy and Practice in The Andes Ideological ParadoxNo ratings yetAnthropology Edu Quarterly - 2008 - Hornberger - Bilingual Education Policy and Practice in The Andes Ideological Paradox29 pages
- Hkcee Economics - 8 National Income - P.1No ratings yetHkcee Economics - 8 National Income - P.19 pages
- Module 7 Q2 EmpowermentG11TechmanagemaintainonlineNo ratings yetModule 7 Q2 EmpowermentG11Techmanagemaintainonline17 pages
- Memorial On Behalf of The Respondent Memorial Resp100% (3)Memorial On Behalf of The Respondent Memorial Resp26 pages
- Challenges To Democracy in The 21st Century Series: Titles IncludeNo ratings yetChallenges To Democracy in The 21st Century Series: Titles Include13 pages
- Education Immigration Consultants Rs. 6.50 Million May-2021No ratings yetEducation Immigration Consultants Rs. 6.50 Million May-202138 pages
- Worksheet 2 Chapter 2 Building and Enhancing Magcamitreina ChiaraNo ratings yetWorksheet 2 Chapter 2 Building and Enhancing Magcamitreina Chiara6 pages
- List of Type Approved Equipment October 2023No ratings yetList of Type Approved Equipment October 2023122 pages
- Semiotics of Images Alexandros PH Lagopoulos Karin Boklundlagopoulou Instant DownloadNo ratings yetSemiotics of Images Alexandros PH Lagopoulos Karin Boklundlagopoulou Instant Download31 pages
- State Common Entrance Test Cell: 2127 Mahatma Gandhi Missions College of Engineering, Hingoli RD, NandedNo ratings yetState Common Entrance Test Cell: 2127 Mahatma Gandhi Missions College of Engineering, Hingoli RD, Nanded24 pages