Page 136 - Cyber Defense eMagazine for July 2020
P. 136
implemented based on the javascript face recognition library using Haar-Cascades. Hence, this
implementation enhances the security disabling misuse of the features by strangers or unknown
individuals.
Hacking Mechanisms
Port Scanning
Reconnaissance is the first step to any hacking activity, since it is highly important to analyze the intended
target on an intricate, or at the least, a basic level. Port scanning is one such pre-enumeration method
used to identify open ports and services available on a network host. It could also be considered as a security mechanism,
since from the countermeasures defined above, it is a method of detection/prevention. It can be performed for detection of
open ports within any network, enabling admins to close or secure unused or time-constrained ports. Hackers, on the other
hand, can use port scanning to identify the open ports through which they can access the network to perform ping attacks or
smurf attacks at the least. Implementation of this mechanism requires the python nmap module that supports various types
of scans.Fig 5 depicts the port scanning process.
Fig 5: Port Scanning demonstration
Reverse Shell
Gaining access to target systems could be a pain, hence, Reverse Shells have been integrated to provide
substantial aid in enumeration and forensic analysis. For this, a client side package is provided, which
when run on the target machine, would in turn activate the reverse shell, establishing connection by
binding sockets over ports. Once the reverse shell is active, users can type in unix commands to access
the data and such on the target machine. It also enables users to download or upload files over ftp
connections.
Keylogger
The keylogger is another great tool which can be used to log keystrokes. Users are provided with a client
package which will run in the background on the target machine and will be able to record keystrokes
Cyber Defense eMagazine –July 2020 Edition 136
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.