Follow Us

Ethical hacking for beginners

Ethical Hacking Trojan Attacks |TCP/IP Hijacking:

Trojans have several malicious functions:  
1. Present on a victim system, or to observe the activities of the victim.
2. Trojans can steal all your financial data like bank accounts, transaction details,
3.PayPal related information, etc. These are called Trojan-Banker.
4. Trojans can use the victim computer to attack other systems using Denial of
5. Trojans can encrypt all your files and the hacker may thereafter demand money to
   decrypt them. These are Ransomware Trojans.
6. They can use your phones to send SMS to third parties. These are called SMS

Trojan Information:

Quick Tips:

1. Install a good antivirus and keep it updated.
2. Don’t open email attachments coming from unknown sources.
3. Don’t accept the invitation from unknown people in social media.
4. Don’t open URLs sent by unknown people or URLs that are in weird form.

Ethical Hacking – TCP/IP Hijacking:

TCP/IP Hijacking is once a licensed user gains access to a real network association
of another user. it's tired order to bypass the password authentication that is generally the start of a session. In theory, a TCP/IP connection is established as shown below:

To hijack this association, their area unit 2 possibilities:

Find the seq that could be a variety that will increase by one, however, there's no probability to predict it.
The second chance is to use the Man-in-the-Middle attack that, in simple
words, maybe a kind of network sniffing. For sniffing, we tend to use tools like Wireshark or Ethercap.
  1. A hacker monitors the information transmitted over a network and discovers the   IP’s of 2 devices that participate in a very association.
  2. When the hacker discovers the information processing of 1 of the users, he will place down the association of
  3. the other user by DoS attack then resumes communication by spoofing the Internet Protocol of the disconnected user.

In apply, one in all the simplest TCP/IP hijack tools is Shijack. it's developed exploitation Python language and you'll transfer it from the subsequent link:
Here is Associate in Nursing example of a

Shijack command:

root:/home/root/hijack# ./shijack eth0 53517 23
Here, we are trying to hijack a Telnet connection between the two hosts.
Hunt is another popular tool that you can use to hijack a TCP/IP connection. It can be
downloaded from

Ethical Hacking – Email Hijacking:

Email Hijacking, or email hacking, maybe a widespread menace these days. It works by victimization
the following 3 techniques that are

  1. email spoofing
  2. social engineering tools
  3. inserting viruses during a user pc.

Email Spoofing:

In email spoofing, the sender sends emails from a known domain, therefore the receiver thinks that he is aware of this person and opens the mail. Such emails usually contain suspicious links, uncertain content, requests to transfer cash, etc.

Social Engineering:
Email hacking can also be done by phishing techniques. See the following screenshot.

Spammers send promotional emails to completely different users, providing a large discount and tricking them to fill in their personal information. you've got tools accessible in Kali which will drive you to hijack an email.

Inserting Viruses in a User System:
The third technique by that a hacker will hijack your email account is by infecting your system with a virus or the other reasonably malware. With the assistance of a virus, a hacker will take all of your passwords.

How to notice if your email has been hijacked?

The recipients of spam emails include a bunch of individuals you recognize.
you are attempting to access your account and also the countersign now not works.
you are attempting to access the “Forgot Password” link and it doesn't move to the expected email.
Your Sent things folder contains a bunch of spams you're not conscious of causation.

Quick tips:

In case you're thinking that your email got hijacked, then you wish to require the subsequent actions:
modification of the passwords forthwith.
send word your friends to not open links that they receive from your email account.
Contact the authorities and report that your account has been hacked.
Install an honest antivirus on your laptop and update it.
discovered double authentication countersign if it's supported.

Recent Posts