23.1 System Hacking
Overview
Figure 23-1 Basic Concept for System Hacking
The operating system manages
various system resources. Let's take a look at the system operation from the
point of view of an application. An operating system (Windows in this case)
records the configuration information on a virtual device called the “Registry”
when an application is installed or is running. This information is used as important
data to determine operation when the operating system first starts. When an
application is working, the operating system loads key data from the hard disk
to memory. The data required for the CPU to operate is stored in the internal
registers in the CPU, and applications are executed in the form of processes
that are internally divided into threads. The data used by a process is stored
in a certain area in memory, and the memory is divided into a stack, heap, and
code area according to the corresponding characteristics.
System hacking exploits the
specific operating characteristics of the operating system on which the
applications are running. The first step involves installing a hacking program
inside the system. It is not easy to install a hacking program through normal
routes, and the most commonly used method involves inducing a file to be
downloaded from a web site or a torrent. When video files and music files are
downloaded and opened, a hacking program can be installed on the system without
the user noticing. If the infected user is the administrator of a PC operating
as a main system inside a firewall, a serious situation can result.
Examining the buffer overflow attack,
which will be described later, makes it easy to understand how hacking code is
planted inside of Word documents, videos, music, and image files. The attacker
first finds vulnerabilities in the application code. If the program can then be
made to execute code stored in unintended memory areas, a backdoor or registry
search program can easily be installed.
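The kind of application-code vulnerability described above, shown as an added example that is not from the original text: a file parser that trusts a length field taken from the file, next to a bounds-checked version. The record layout, function names and sample data are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define TITLE_MAX 32  /* size of the fixed buffer the application uses */

/* Constructed record layout (an assumption for this example):
 *   byte 0     : title length N
 *   bytes 1..N : title bytes, not NUL-terminated */

/* Unsafe pattern: trusts the length byte read from the file. With N > 31 the
 * copy runs past title[] and overwrites adjacent stack data. Never called. */
void read_title_unsafe(const uint8_t *rec, char *title) {
    size_t n = rec[0];
    memcpy(title, rec + 1, n);          /* no check against TITLE_MAX */
    title[n] = '\0';
}

/* Hardened form: checks the claimed length against the record size and the
 * destination capacity before copying. Returns 0 on success, -1 if rejected. */
int read_title_checked(const uint8_t *rec, size_t rec_len,
                       char *title, size_t title_cap) {
    if (rec == NULL || title == NULL || rec_len < 1 || title_cap == 0)
        return -1;
    size_t n = rec[0];
    if (n > rec_len - 1)                /* claims more bytes than the file has */
        return -1;
    if (n >= title_cap)                 /* would not fit with the final NUL */
        return -1;
    memcpy(title, rec + 1, n);
    title[n] = '\0';
    return 0;
}

/* Constructed sample inputs: one well-formed, one with an oversized length. */
static const uint8_t good_rec[] = { 5, 'I', 'n', 't', 'r', 'o' };
static uint8_t bad_rec[1 + 200];

int demo(void) {
    char title[TITLE_MAX];
    bad_rec[0] = 200;                   /* 200 bytes aimed at a 32-byte buffer */
    memset(bad_rec + 1, 'A', 200);
    int ok  = read_title_checked(good_rec, sizeof good_rec, title, sizeof title);
    int bad = read_title_checked(bad_rec, sizeof bad_rec, title, sizeof title);
    return (ok == 0 && bad == -1 && strcmp(title, "Intro") == 0) ? 0 : 1;
}

int main(void) { return demo(); }
```

The rejected record leaves the destination buffer untouched, so a malformed file fails closed instead of corrupting memory next to the buffer.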
The hacking code that is
installed can operate as a backdoor that transmits user information to the
hacker. It can also search registry key information or can change values and
cause problems in the system. Furthermore, it can be used as a means to acquire
the financial information of the user.
Most known attacks can be
blocked by installing system patches and anti-virus programs. However, it is
sometimes necessary to also prevent new types of attacks. Hacking technology
continually evolves, and although vaccines and defense technologies have been
developed for operating systems, the spear is always one step ahead of the
shield, and a variety of hacking attacks are still prevalent on the Internet.