Ethical Hacking
Level 0
By SRIKANTA SEN
Certified Ethical Hacker
This book does not teach you ethical hacking, but you can't learn ethical
hacking without having the knowledge of these basic topics.
Level 0 is a term used in data structures [Computer Science] that means
the root or the starting point; this book will drop you at the starting point.
Thanks to Team
Special Thanks To
Copyright Notice
THE TOPICS DISCUSSED IN THIS BOOK SHOULD NOT BE
COPIED OR REPRODUCED UNLESS SPECIFIC PERMISSIONS
HAVE BEEN GIVEN TO YOU BY THE AUTHOR SRIKANTA
SEN.
ANY UNAUTHORIZED USE; DISTRIBUTION OF FULL OR
ANY PART OF THIS BOOK IS STRICTLY DISCOURAGED.
Liability Disclaimer
THE TERM HACKING SHOULD BE READ AND
UNDERSTOOD AS ETHICAL HACKING.
ETHICAL HACKING AND PENETRATION TESTING ARE
INTERCHANGEABLY USED IN THIS BOOK.
AUTHOR IS NOT AGAINST OR IN FAVOR OF ANY
ORGANIZATION OR COUNTRY.
NO SUGGESTION OR CRITICISM TO ANY COUNTRY'S OR
ORGANIZATION'S BUSINESS POLICY BY THE AUTHOR.
THE INFORMATION PROVIDED IN THIS EBOOK IS FOR
EDUCATIONAL PURPOSES ONLY.
THE EBOOK CREATOR IS NOT RESPONSIBLE FOR ANY
MISUSE OF THE INFORMATION PROVIDED.
THE INTENTION OF THIS EBOOK IS TO MAKE YOU AWARE
OF ETHICAL HACKING.
WHENEVER REQUIRED THE AUTHOR GAVE REFERENCE
ABOUT THE SOURCE INFORMATION OF PICTURE AND
CONTENT.
Contents at a Glance
Introduction
Ethical Hacking Concepts
Penetration Testing Concepts
Basics of Communications
OSIRM
Protocols and Ports
Computer Systems Architectures
Proxy
Basics of Wireless and Mobile Communications
Command Line Basics for Ethical Hacking
Virtualization
HTTP and HTTPS
Password
Cryptography and Encryption
Steganography
Malware
Google Hacking
HTML
JAVASCRIPT
Python
Server-Side Programming
Relational Algebra and SQL
Join an Ethical Hacking School
Introduction
If a report released by the software security services provider
Norton is to be believed, around 42 million people in India became
victims of cyber crimes in 2012. As many as 500,000 U.S. jobs are
lost each year from costs associated with cyber espionage, according
to a report released by the security firm McAfee and the Center
for Strategic and International Studies. The report also says that
hacking costs the overall U.S. economy as much as $100 billion each
year. U.S. companies spend millions of dollars securing their
networks, buying insurance and repairing their reputations after
getting hacked.
According to Nasscom, India will require at least 77,000 ethical
hackers every year, whereas we are producing only 15,000 a year.
India faces a dearth of 450,000 in its cyber army, where demand will
be around 500,000 in the near future.
In India, news appears in the papers that thousands of graduate
engineers are jobless. According to news published in Times of India
in July, only 18% of engineering grads are employable. If we consider
the extended report: out of 6 lakh engineers that graduate annually,
only 18.43% of them are employable for the software engineer-IT
services role, while just 3.95% are appropriately trained to be
directly deployed on projects. For core jobs in mechanical,
electronics/electrical and civil engineering, only a mere 7.49% are
employable. OMG, I don't think India will ever be able to fill the
skill gap in the cyber security sector.
In spite of the huge contribution of Indian students in various sectors
of world education over the centuries, this "cyber security domain"
may be overlooked by them. We find in one sector there is a huge
demand for professionals and on the other side unskilled jobless
graduate engineers; I think something is wrong with the system.
Educationalists can answer it better.
3. You close out your work, not leaving anything open for
you or someone else to exploit at a later time.
4. You let the software developer or hardware manufacturer
know of any security vulnerabilities you locate in their
software or hardware, if not already known by the
company.
[source: computerhope.com]
Types of Hackers
Ethical Hacker (White hat): They hack for a good motive and
always report the weakness to the developer team or to the team that
deployed them to find weaknesses. The best thing is that they
have a face, I mean they don't disclose their identity.
Cracker (Black hat): They hack for a bad motive and gain
unauthorized access to computer systems. They hide their face and
don't come in front of the public.
Grey hat: Sometimes they are White hat, sometimes Black hat,
depending on the situation.
Script kiddies: They don't have in-depth knowledge of hacking;
basically a non-skilled person who gains access to computer systems
using already available tools.
Suicide Hackers: The concept of suicide hackers is the same as
suicide bombers. They hack, they get caught and they are punished
according to law.
Phreak: It is a person who tries to intrude into systems for fun or
malicious personal activities. Mostly they are children of age 12-15
who don't even know the consequences of hacking.
Hacktivist: They hack for a purpose, in order to send social,
religious or political messages.
Reconnaissance
  o Active / passive
Scanning
Gaining access
  o Operating system level / application level
  o Network level
  o Denial of service
Maintaining access
  o Uploading / altering / downloading programs or data
Covering tracks
website defacing
child pornography
data breach
E-mail bombing
Computer Hacks
Network Hacks
Data diddling
usage of virus, worms, Trojans
Harassment through mails and chats
spoofing- email, sms, call
defamation
software piracy
spamming etc
Basics of Communications
Data refers to the raw facts that are collected, while information
refers to processed data.
Data Communication is a process of exchanging data or information
between two devices over a transmission medium.
The data can flow between the two devices in the following ways:
1. Simplex: One way communication.
2. Half Duplex: Two way communication, but not simultaneously.
Example: A walkie-talkie
3. Full Duplex: Two way communication and simultaneously.
Example: mobile phones.
source : ni.com
Categories of Network
Networks are categorized on the basis of their size. The three basic
categories of computer networks are:
[source www.conceptdraw.com]
Digital modulation
Modulation of digital signals is known as Shift Keying.
Amplitude Shift Keying (ASK): Binary bit stream is 101; 1 is
represented by a signal, 0 is represented by no signal.
Frequency Shift Keying (FSK): Binary bit stream is 101; 1 is
represented by one kind of signal, 0 is represented by a different
kind of signal.
[source: https://infosys.beckhoff.com]
Segment
Transport layer
Packet
Networking layer
Frame
Bits
Physical layer
TCP/IP MODEL
It is also called the TCP/IP protocol suite. It is a collection of
protocols. It existed even before the OSI model was developed.
Transmission Control Protocol (TCP) and Internet Protocol (IP) are
the two most important lower-level protocols enabling Internet
connectivity. IP is responsible for moving packets of data from one
connection point to the next, while TCP verifies the integrity of data
traveling between two endpoints. TCP and IP work together so much
that the two protocols are commonly referred to as TCP/IP.
Originally it had four layers (bottom to top):
1.
2.
3.
4.
[source www.hardwaresecrets.com]
TCP/IP Model and its Relation to Protocols of the TCP/IP Suite
Layer               Protocols
Application
Transport           TCP, UDP
Internet
Network interface
The File Transfer Protocol (FTP) is used for interactive file transfer.
The Simple Mail Transfer Protocol (SMTP) is used for the transfer
of mail messages and attachments.
Telnet, a terminal emulation protocol, is used for logging on
remotely to network hosts.
The Domain Name System (DNS) is used to resolve a host name to
an IP address.
The Simple Network Management Protocol (SNMP) is used
between a network management console and network devices
(routers, bridges, intelligent hubs) to collect and exchange network
management information.
Transport layer protocol
The Network Interface layer (also called the Network Access layer)
is responsible for placing TCP/IP packets on the network medium
and receiving TCP/IP packets off the network medium. TCP/IP was
designed to be independent of the network access method, frame
format, and medium. In this way, TCP/IP can be used to connect
differing network types. These include LAN technologies such as
Ethernet and Token Ring and WAN technologies such as X.25 and
Frame Relay. Independence from any specific network technology
gives TCP/IP the ability to be adapted to new technologies such as
Asynchronous Transfer Mode (ATM).
[source technet.microsoft.com]
TCP/IP
It has 7 layers
It has 4 layers
Host number
[Source: ccnablog.com]
[source: tcpipguide.com]
Number of networks and host in each class is given below
Another problem with IPv4 is that the IPv4 header length is variable.
This was acceptable when routing was done by software. But now routers
are built in hardware, and processing variable-length headers
in hardware is hard. The large routers that allow packets to go all
over the world are having problems coping with the load. Clearly, a
new scheme was needed with fixed-length headers.
IP version 6 (IPv6)
IPv6 is a newer numbering system that provides a much larger
address pool than IPv4. It was deployed in 1999 and should meet
the world's IP addressing needs well into the future. Here the address
size is a 128-bit number. IPv6 addresses are so much larger than IPv4
addresses that even representing them in decimal is difficult. Hence
IPv6 addresses are represented in hexadecimal numbers,
separated by colons.
For example: 3FFE:F200:0234:AB00:0123:4567:8901:ABCD.
The total number of possible addresses is
2^128 = ~340,282,366,920,938,463,463,374,607,431,768,211,456.
Comparison of IPv4 and IPv6 header
[source 343networks.wordpress.com]
Client/server
It is like lecture-based learning
Eating at a restaurant
P2P
It is like project-based learning
Eating at home
Proxy
What is a proxy
When a user asks for a webpage from a server, the client sends its
IP address to the website so that the response gets back to the client's
IP address; in this way the client leaves a stamp of the computer on
the server.
A proxy or a proxy server is a computer that is placed between the
attacker and the target computer. A proxy server allows an attacker to
hide his/her identity in the network. When I say hide identity, there
are two things an attacker wants to hide: a) IP address b) MAC address.
IP address is used to find the geographic location and MAC address
is used to find the machine (in the network) used for hacking.
802.11a
802.11b
802.11g
802.11i
802.11i improves WLAN security
Wireless attacks
War Driving: It is the act of locating and possibly exploiting
connections to WLANs while driving around a city or
highway.
War Walking: Walking around to search for open wireless
networks
War Flying: Searching open wireless network while flying
War Chalking: Using chalk to identify available open
networks
Blue Jacking: Use of Bluetooth technology to temporarily
hijack another person's cell phone.
Wireless hacking tools
Aircrack
AirSnort
Cain & Abel
Kismet
NetStumbler
Wireshark
How to secure wireless networks
In order to minimize wireless network attacks, an individual or
organization can adopt the following policies.
To find a particular task and kill it, you need to know the
process id.
taskkill /PID 2484 /F :: kills the task [PID is process id, /F is for
forcefully]
You can use ls command to list out all the files or directories
available in a directory.
Virtualization
It is the act of creating a virtual (rather than actual) version of
something, including virtual computer hardware platforms, operating
systems, storage devices, and computer network resources.
VMware and VirtualBox are well known virtualization software
products. Desktop virtualization software such as VMware (VMware
Player) and Oracle VirtualBox is freely available for home users.
Desktop virtualization software gives the user the facility to install
and run multiple operating systems on a desktop or laptop computer in
a virtual environment without disturbing the host OS. For example, the
host may be XP and the guest OS may be Linux, BackTrack or Windows
Server.
Ethical hackers need to know this software; otherwise the host
operating system may be corrupted while performing some
experiments. VMware and VirtualBox are both powerful, with negligible
difference at your level.
Oracle VM VirtualBox can be downloaded from
https://www.virtualbox.org/
VMware, Inc. is an American company that provides cloud and
virtualization software and services. VMware can be downloaded from
//www.vmware.com/
Media source is the ISO image of the OS, where the ISO file is
physically stored in hard disk.
VMWARE
GET: A client uses the GET request to ask for a web resource from
the server.
HEAD: A client can use the HEAD request to get the header
that a GET request would have obtained.
POST: Used to post data up to the web server.
PUT: Send some document to the server for storing purpose.
DELETE: Request the server to delete the data or object on
server.
TRACE: Ask the server to return a diagnostic trace of the
actions in the path from client to server.
OPTIONS: Ask the server to return the list of request
methods it supports.
With it you can not only read about all the elements that loads a web
page, but also can do the following
The headers of requests and responses (Request and response
headers)
Cookies sent and received (Sent and received cookies)
The parameters of the URL (query string parameters)
POST parameters (POST parameter)
The response from the remote server
An example of HTTP header when performed on
http://www.alahadgroup.com
If the certificate validation process fails then that means the website
has failed to verify its identity. At that point the user is typically
presented with a certificate validation error and they can choose to
proceed at their own risk, because they may or may not actually be
communicating with the website they think they are talking to.
Some Status Codes Associated with HTTP
Number   Meaning
200      OK
301      Moved Permanently
400      Bad Request
401      Unauthorized
403      Forbidden
404      Not Found
500      Internal Server Error
503      Service Unavailable
Password
What is a password
A password is an unspaced sequence of characters used to determine
the actual user of the device or the application. Passwords usually
come with user identification. Passwords are encrypted and are not
visible at the time of typing.
[source voer.edu.vn]
Base 16: In base 16 Cryptographic Hash Functions, 16 characters
are used to encrypt or decrypt; these 16 characters are 0-9, A-F. The
most popular hexadecimal hash value is MD5. It accepts a variable
length message from the user and converts it into a fixed 128-bit
message digest value.
Base 32: It uses 32 characters to encrypt or decrypt; these
32 characters are A-Z, 2-7.
Base 64: It uses 64 characters to encrypt or decrypt; these
64 characters are A-Z, a-z, 0-9, +, /. It always ends with ==
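An added example (not from the book) that puts the three alphabets above next to MD5 using only Python's standard library. It shows that Base16/32/64 output decodes back to the input without any key, that an MD5 value is 32 hex characters whose decoding yields only the 16 digest bytes, and that the number of "=" characters at the end of Base64 output depends on the input length. The function names and the sample strings are assumptions made for the illustration.

```python
import base64
import binascii
import hashlib
import re

# Alphabets as listed above ('=' is padding, not data).
ALPHABETS = {
    "base16": re.compile(r"[0-9A-Fa-f]+"),
    "base32": re.compile(r"[A-Z2-7]+=*"),
    "base64": re.compile(r"[A-Za-z0-9+/]+={0,2}"),
}
DECODERS = {
    "base16": lambda s: base64.b16decode(s, casefold=True),
    "base32": base64.b32decode,
    "base64": lambda s: base64.b64decode(s, validate=True),
}


def candidate_decodings(token):
    """Return {encoding name: decoded bytes} for each encoding the token is valid in."""
    found = {}
    for name, pattern in ALPHABETS.items():
        if not pattern.fullmatch(token):
            continue
        try:
            found[name] = DECODERS[name](token)
        except (binascii.Error, ValueError):
            pass  # right alphabet, but wrong length or padding
    return found


def encode_all(data):
    """Encode the same bytes three ways; each result decodes back without a key."""
    return {
        "base16": base64.b16encode(data).decode("ascii"),
        "base32": base64.b32encode(data).decode("ascii"),
        "base64": base64.b64encode(data).decode("ascii"),
    }


def base64_padding_by_length(max_len=6):
    """Number of '=' characters Base64 appends for inputs of 1..max_len bytes."""
    return {n: base64.b64encode(b"A" * n).decode("ascii").count("=")
            for n in range(1, max_len + 1)}


def md5_hex(data):
    """MD5 digest written in Base16: always 32 hex characters (128 bits)."""
    return hashlib.md5(data).hexdigest()


if __name__ == "__main__":
    sample = b"level 0"  # constructed sample input
    for name, text in encode_all(sample).items():
        print(name, text, candidate_decodings(text)[name] == sample)
    print("padding by input length:", base64_padding_by_length())
    digest = md5_hex(sample)
    # Decoding the hex gives the 16 raw digest bytes, never the message.
    print(digest, candidate_decodings(digest)["base16"] != sample)
```

A string can fit more than one alphabet (an MD5 hex value is also syntactically valid Base64), so the alphabet alone does not identify how a value was produced.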
You can use the following site for encryption and decryption
- Caesar Encrypt
- Caesar Decrypt
- Decimal to Binary
- Decimal to Hexadecimal
- Decimal to Octal
- DES Encrypt
- Generate CRC32 Checksum
- Hexadecimal to ASCII
- Hexadecimal to Binary
- Hexadecimal to Decimal
- Hexadecimal to Octal
- HTML Entities Encode
- MD5 Dictionary attack
- Base 64 Decode
- Binary to ASCII
- Binary to Decimal
- Binary to Hexadecimal
- Binary to Octal
- Octal to Hexadecimal
- Reverse
- ROT-13
- SHA1 Encrypt
- URL Decode
- MD5 Encrypt
- Morse Code Encrypt
- Morse Code Decrypt
- Octal to Binary
- Octal to Decimal
- SHA256 Encrypt
- URL Encode
- XOR Encrypt
Steganography
Analyzing data is an important part of ethical hacking and
penetration testing. Data may be alphanumeric, picture or video. If I
tell you a story, it will be more clear.
According to news published on the website http://arstechnica.com:
"When a suspected al-Qaeda member was arrested in Berlin in May
of 2011, he was found with a memory card with a password-protected
folder, and the files within it were hidden. But, as the
German newspaper Die Zeit reports, computer forensics experts
from the German Federal Criminal Police (BKA) claim to have
eventually uncovered its contents: what appeared to be a
pornographic video called 'KickAss.'
Within that video, they discovered 141 separate text files, containing
what officials claim are documents detailing al-Qaeda operations
and plans for future operations, among them three entitled "Future
Works," "Lessons Learned," and "Report on Operations.""
Steganography was widely used in World War II. Consider the
following example of a null cipher (unencrypted messages) used by
a German spy in World War II [David Kahn, The Codebreakers, The
Macmillan Company. New York, NY 1967].
Apparently neutral's protest is thoroughly discounted and ignored.
Isman hard hit. Blockade issue affects pretext for embargo on
byproducts, ejecting suets and vegetable oils.
The following message may be obtained by taking the second letter
from each word and a little manipulation:
Pershing sails from NY June 1.
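The decoding described above, as an added example that is not part of the book. It extracts the n-th letter of every word and, going one step beyond the text, tries several letter positions and keeps only those whose letter stream splits cleanly into known words, which is how an analyst would test a suspicious message. The vocabulary is a small constructed word list and all function names are assumptions for the illustration; the "little manipulation" is inserting the spaces and reading the final "i" as the digit 1.

```python
import re

# Cover text as quoted above (from Kahn, The Codebreakers).
COVER_TEXT = (
    "Apparently neutral's protest is thoroughly discounted and ignored. "
    "Isman hard hit. Blockade issue affects pretext for embargo on "
    "byproducts, ejecting suets and vegetable oils."
)

# Constructed mini-vocabulary for the demonstration; a real analysis would
# use a full word list. The extra entries are deliberate distractors.
VOCABULARY = {"pershing", "sails", "from", "ny", "june", "i",
              "per", "sail", "in", "on", "a", "an"}


def nth_letters(text, n):
    """Concatenate the n-th letter (1-based) of every word that is long enough."""
    picked = []
    for word in re.findall(r"[A-Za-z']+", text):
        letters = [c for c in word if c.isalpha()]
        if len(letters) >= n:
            picked.append(letters[n - 1].lower())
    return "".join(picked)


def segment(stream, vocabulary):
    """Split stream into vocabulary words (word-break DP); None if impossible."""
    best = [None] * (len(stream) + 1)
    best[0] = []
    for end in range(1, len(stream) + 1):
        for start in range(end):
            if best[start] is not None and stream[start:end] in vocabulary:
                best[end] = best[start] + [stream[start:end]]
                break
    return best[len(stream)]


def scan(text, vocabulary, max_n=3):
    """Try letter positions 1..max_n; keep those whose stream reads as words."""
    hits = {}
    for n in range(1, max_n + 1):
        words = segment(nth_letters(text, n), vocabulary)
        if words:
            hits[n] = " ".join(words)
    return hits


if __name__ == "__main__":
    for n in (1, 2, 3):
        print(n, nth_letters(COVER_TEXT, n))
    print(scan(COVER_TEXT, VOCABULARY))
```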
Steganography vs Encryption
Encryption is the practice of systematic information scrambling so
that it may be unscrambled later.
But steganography is the practice of information hiding.
Steganography + Encryption = Big Trouble for Law Enforcement
Agencies
Steganography Carrier Files
bmp
jpeg
gif
wav
mp3
Steganography Tools
MP3Stego
S-Tools (GIF, JPEG)
StegHide (WAV, BMP)
Invisible Secrets (JPEG)
JPHide
Camouflage
Hiderman
Snow
To retrieve the text, open "new.jpg" in notepad, last lines have the
text.
Malware
What is Malware
Malware is a piece of malicious code or software that is used by
cybercriminals to disrupt computer operations, steal personal or
professional data, gather sensitive information, or gain access to
computer systems without the user's knowledge or approval.
Malware dominates the entire cyber crime domain. According to a
study by Kaspersky Lab, about 291,800 new mobile malware
programs were found in the second quarter of 2015, nearly three
times more malware than in 2015's first quarter.
Types of Malware
Virus: It is a program or piece of code that is loaded onto your
device. It is attached to a host program; the host is usually a
legitimate looking program or file. Once the program is launched,
the virus is executed and starts infecting files on your computer.
Viruses can also replicate themselves. A virus is spread by human
action.
Examples of computer viruses are:
> Macro virus
> Boot virus
> Logic Bomb virus
> Directory virus
> Resident virus
Worm: It is similar to a virus but with a difference: it does not
require any host program to spread. It can also replicate itself and
it can spread without any human action.
Anti-Malware Program:
Anti-Malware programs are used to prevent, detect, and remove
computer viruses, worms, Trojan horses and any other type of
malware from your device.
Examples of Anti-Malware programs:
a) Antivirus program
What is antivirus?
Antivirus software detects, and then prevents or removes malicious
programs or 'viruses'. Antivirus doesn't offer a perfect solution to the
problem of malware, but it should be the second step to secure your
PC or laptop after the first step, a firewall.
Popular Antivirus programs
b) Anti-spyware program
What is Anti-Spyware
An anti-spyware program is designed to prevent, detect and delete
unwanted spyware program installations.
Google hacking
What is web search engine
A web search engine is a software system that is designed to search
for information on the World Wide Web. The search results are
generally presented in a line of results often referred to as search
engine results pages (SERPs). The information may be a mix of web
pages, images, and other types of files. Some search engines also
mine data available in databases or open directories. Unlike web
directories, which are maintained only by human editors, search
engines also maintain real-time information by running an algorithm
on a web crawler. [defined in en.wikipedia.org]
In simple words, search engines are programs that search the World
Wide Web for documents specified by keywords and return a list of
the documents where the keywords were found.
Typically, web search engines work by sending out a spider to fetch
as many documents as possible.
archive.org
[source http://www.brighthub.com/]
Google Hacking Database, GHDB, Google Dorks - Exploit-DB
Google hacking is a computer hacking technique that uses Google
Search and other Google applications to find security holes in
the configuration and computer code that websites use.
[defined in en.wikipedia.org]
A Google dork query, sometimes just referred to as a dork, is a
search string that uses advanced search operators to find information
that is not readily available on a website.
The contents available on this site are not for beginners, but some day
they will be required on your way to become an elite hacker.
site
Description
Restrict result to that particular domain, like site:.pk,
will bring all sites with the domain "site:.pk"
intitle
inurl
filetype
allintext
link
Description
index.of passlist.txt
Description
inurl:axis.cgi ext:cgi
intitle:Global Traffic
Statistics "Ntop"
inurl:printer/main.html
inurl:/view.shtml
".git" intitle:"Index of"
Description
index.of passlist.txt
Description
ALL cv
Description
inurl:admin.php site:.pk
intitle:admin
intitle:admin login
intitle:administrator
inurl:adminlogin.asp
inurl:administrator
Various sections of the www.exploit-db.com/google-hacking-database site
Practice more from here
Shodan
At DEFCON 17 in 2009, John Matherly debuted a search engine
named Shodan (after the villainous computer in the cult-classic
video game System Shock). Shodan was received with some alarm
in the media, who named it "The world's scariest search engine".
Shodan is the search engine for the next generation of hackers. The
Internet of Things (IoT) is on the way; IoT will connect every possible
device to the net. "Shodan is the world's first search engine for all
Internet-connected devices."
Shodan runs 24/7 and collects information on about 500 million
connected devices and services each month. Using Shodan is simple:
create an account and then use it. Searching without creating an
account is possible but with limited facility.
With Shodan you can find
+Unprotected Webcams
+Find Traffic Lights
+Find Routers
+Find SCADA Systems(SCADA devices are those that control such things as
the electrical grid, water plants, waste treatment plants, nuclear power
plants, etc.)
+Find the Default Passwords
click on webcam
Indexeus was developed by the Portuguese Jason Relinquo, a
23-year-old hacker who has built a searchable archive
containing over 200 million entries. It retrieves all the available
information on user accounts acquired from hundreds of recent
data breaches. The data collected includes information stolen by
malicious hackers in recent hacks, including Adobe and Yahoo!.
Anyway, the Indexeus website was rapidly targeted by other hackers; a
few days ago the search engine was defaced by the hacker group
Pernicious Developers, which also deployed a backdoor shell on the
website.
HTML
HTML started its life in 1989, when it was designed to be the
publishing language of the newly created World Wide Web. HTML
(Hyper Text Markup Language) was originally developed by a man
named Tim Berners-Lee, a physicist, back in early 1989. The first
version, HTML 1.0, was initially released as a publishing language.
HTML is a language used for describing the structure of the web
page. Using HTML markup one can create a web page. In other
words, HTML is used to create a web document. Every HTML
document contains three main sections: the head, title and the body.
All HTML files must have an htm or html file extension.
You should know HTML, because most websites use HTML.
For a hacker, analyzing the web page code is important. HTML 4 is
popularly used, but HTML5 is there with lots of new features. We are
going to learn both.
How to View HTML Source
To find out, simply right click in the browser and choose Source, Page
Source or View Source. This will open a window that shows you the
actual HTML of the page.
HTML is the language of the web. So first comes: what is the web?
A web is a complex, cross platform, cross language, cross cultural
mesh of servers, clients, users, databases, all talking, working,
searching, viewing, accessing, downloading together.
A website is a collection of web pages (documents that are accessed
through the Internet). A web page is what you see on the screen
when you type in a web address, click on a link, or put a query in a
search engine.
[source www.sans.org]
How to write and run HTML file
1) Open Notepad
2) Type the code
3) Save it with a name, say demo.html
Tag Description
Defines an HTML document
Defines the document's body
Defines header 1 to header 6
<p>      Defines a paragraph
<br>     Inserts a single line break
<hr>     Defines a horizontal rule
<!-->    Defines a comment
<HTML>
<HEAD>
<TITLE>Sample Headings</TITLE>
</HEAD>
<BODY>
<H1 ALIGN=LEFT>Left-aligned Heading</H1>
<H2 ALIGN=CENTER>Centered Heading</H2>
<H3 ALIGN=RIGHT>Right-aligned Heading</H3>
<P>web programming</P>
<P>html and html5 </P>
<P ALIGN=CENTER>
Take some break<BR>
And travel when you are free<BR>
</P>
</BODY>
</HTML>
Basic HTML Tags
Tag                Description
<b> </b>           Creates bold face text.
<i> </i>           Creates italic face text.
<u> </u>           Used for underlined text.
<pre> </pre>       Text between these tags is "pre formatted".
<ul> </ul>         Creates an unnumbered list with each list item
                   as a bullet point.
<ol> </ol>         Creates a numbered list with each item in the
                   list numbered.
<table> </table>   Creates a table.
<tr>               Creates a new row.
<td>               Creates a column within the table row.
<HTML>
<HEAD>
<TITLE>Sample Program</TITLE>
</HEAD>
<BODY>
<P>
Making some text <B>bold</B>
or <I>italic</I>
is a useful technique, some are<u>underline</u>
</P>
</BODY>
</HTML>
<HTML>
<HEAD>
<TITLE>
Creating table
</TITLE>
</HEAD>
<BODY>
<TABLE BORDER=2 CELLSPACING=4 align=center>
<TR>
<TD>Student Name</TD>
<TD>Student Age</TD>
<TD>Roll Number</TD>
</TR>
<TR>
<TD>AA</TD>
<TD>BB</TD>
<TD>CC</TD>
</TR>
</TABLE>
</BODY>
</HTML>
<HTML>
<HEAD>
<TITLE>
list example
</TITLE>
</HEAD>
<BODY>
<P align=center>Creating a list</P>
<UL>
<LI>bca
<LI>btech
<LI>mca
</UL>
</BODY>
</HTML>
HTML forms are required when you want to collect some data
from the site visitor. The HTML <form> tag is used to create an
HTML form and it has the following syntax:
<form action="Script URL" method="GET|POST">
form elements
</form>
Some elements used in an HTML form are explained below.
<html>
<head>
<title>working in a form</title>
</head>
<body>
<form >
User ID : <input type="text" name="user_id" /><br>
Password: <input type="password" name="password" /><br>
<input type="checkbox" name="ice" value="on"> ICE
<input type="checkbox" name="sand" value="on"> SAND <br>
<input type="radio" name="subject" value="ice"> ICE
<input type="radio" name="subject" value="sand"> SAND <br>
<select name="dropdown">
<option value="ice" selected>ICE</option>
<option value="sand">SAND</option>
</select><br>
<input type="submit" name="submit" value="Submit" />
<input type="reset" name="reset" value="Reset" />
<input type="button" name="ok" value="OK" />
</form>
</body>
</html>
HTML5
HTML5 has introduced a lot of changes; one important change is
form validation. Validating web forms has always been a painful
task for many developers. In HTML4 they have to use scripting
code like JavaScript to perform client side validation.
Furthermore, informing users about the validation error is a tedious
task.
HTML5 overcomes these problems. There are basically five areas of
improvement when it comes to form features in HTML5:
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<title>Forms Complete Example</title>
</head>
<body>
<form>
color<input type="color" value="#b97a57"> <BR>
date<input type="date" value="2015-10-28"><BR>
email<input type="email" value="ss@gmail.com"><BR>
age<input type="number" value="4"><BR>
range<input type="range" value="15"><BR>
string<input type="search" value="[Any text]"><BR>
number<input type="tel" value="[Any numeric value]"><BR>
</form>
</body>
</html>
New Attributes
autocomplete: An option to turn off automatic form completion of
values for a field. Possible values are on and off.
autofocus: Whether focus should be set to this field as soon as it has
loaded.
formmethod: For buttons that submit a form to be able to override
the form's method attribute, in case a button should change the
method.
list: To connect with a <datalist> element by its id, to use its
<option> elements as suggestions.
max: Maximum value for the value that can be put in.
min: Minimum value for the value that can be put in.
multiple: Allows for selection of multiple files for <input
type="file"> elements, and for multiple e-mail addresses separated
by a comma.
pattern: Declaring what pattern should be used for validating a
field's value, in the form of a regular expression.
placeholder: Meant to be able to display a hint to the end user what
to input.
readonly: If a field should be readonly.
required: For validation purposes, if a field is required or not.
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<title>Forms Complete Example</title>
</head>
<body>
<form>
TEXT1<input type="text" autocomplete="off"><BR>
TEXT2<input type="text" autofocus><BR>
RANGE1<input type="range" max="95"><BR>
RANGE2<input type="range" min="2"><BR>
</form>
</body>
</html>
New Elements
datalist: Contains a number of <option> elements with values that
can be used as suggestions for other form elements through the
usage of the list attribute on them.
keygen: Offers a way to create a public/private key pair where the
public key is sent with the form.
meter: The meter element is for displaying values on a bar, where
you can custom control min, max and assigned value. You can also
Why JavaScript?
According to a survey report published on "www.net-security.org",
"Global analysis of 10 million web attacks", four main types of
attack comprise the vast majority of attacks targeting web
applications: Directory Traversal, Cross-Site Scripting, SQL
injection, and Remote File Inclusion.
[source http://www.net-security.org/]
To understand an XSS attack, apart from theory you should know
HTML and a little bit of scripting. JavaScript is the most popular
scripting language, and from the above picture it is clear that XSS
comprises 36% of web attacks. It holds second position in the OWASP
Top 10 Web Application Security Risks for 2013. So your
knowledge of JavaScript is important.
Cross-site Scripting XSS
Cross-site Scripting (XSS) attacks occur when an attacker uses a
web application to send malicious code, generally in the form of a
browser side script, to a different end user. Flaws that allow these
attacks to succeed are quite widespread and occur anywhere a
web application uses input from a user in the output it generates
without validating or encoding it.
XSS attacks are essentially code injection attacks into the various
interpreters in the browser. These attacks can be carried out using
HTML, JavaScript, VBScript, ActiveX, Flash, and other client-side
languages. These attacks also have the ability to gather data
from account hijacking, changing of user settings, cookie
theft/poisoning, or false advertising is possible. In some cases,
Cross Site Scripting vulnerabilities can perform other functions
such as scanning for other vulnerabilities and performing a Denial
of Service on your web server.
[defined in www.owasp.org]
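The rule in the definition above, that input must be validated or encoded before it goes into the output, shown as an added example (not from the book or from OWASP): the same page fragment built by plain concatenation and then with HTML entity encoding. The function names, the template and the sample inputs are constructed for illustration.

```javascript
// HTML entity encoding for text placed in element content or inside a
// quoted attribute value. One pass maps each input character once, so the
// "&" of an emitted entity is not encoded again.
const HTML_ENTITIES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#x27;",
};

function encodeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// "Before": input is copied into the page as-is, so markup in the input
// becomes markup in the page.
function renderGreetingUnsafe(name) {
  return "<p>Hello, " + name + '</p><input type="text" value="' + name + '">';
}

// "After": the same template with the input encoded at the point of output.
function renderGreetingSafe(name) {
  const safe = encodeHtml(name);
  return "<p>Hello, " + safe + '</p><input type="text" value="' + safe + '">';
}

// Demonstration-only check: does the page contain any tag other than the
// <p> and <input> that the template itself emits?
function hasUnexpectedTag(html) {
  const expected = /^<\/?p>$|^<input type="text" value="[^"<>]*">$/;
  const tags = html.match(/<\/?[a-zA-Z][^>]*>/g) || [];
  return tags.some((tag) => !expected.test(tag));
}

// Constructed sample inputs: a plain name, and a value carrying markup.
const SAMPLES = ["Srikanta", 'x"><b>injected</b>'];
for (const sample of SAMPLES) {
  const before = renderGreetingUnsafe(sample);
  const after = renderGreetingSafe(sample);
  console.log("before:", before, "-> extra tags:", hasUnexpectedTag(before));
  console.log("after: ", after, "-> extra tags:", hasUnexpectedTag(after));
}
```

The encoding shown fits element content and quoted attribute values; input placed inside a script block, a URL or a style rule needs the encoding for that context.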
This is not the place to discuss more on XSS, so we will
concentrate on basics.
JavaScript
JavaScript is a client-side scripting language, meaning that it runs
in the browser used by the user. JavaScript, developed originally by
Netscape, is a lightweight, interpreted programming language
initially called LiveScript.
Why do developers use JavaScript?
Form validation at the client side.
Create mouseover effects, change the background colour of a document with the click of a button... interactivity!
JavaScript can also be used to create animations and games.
Change page contents dynamically.
JavaScript can be used to build out the entire server using things like Node.js or Meteor (JavaScript platform).
Load content in new browser windows and frames.
JavaScript is commonly used to write phone apps using PhoneGap and Apache Cordova. These apps can be built to run on any smartphone with the same source code.
What can JavaScript not do?
It cannot touch any files on your hard drive (besides cookies).
It also cannot read/write any files on the server.
<html>
<head>
<title>This is a JavaScript example</title>
<script language="JavaScript">
<!--
document.write("Hello World!");
//-->
</script>
</head>
<body>
This is a part of html body
</body>
</html>
onclick is an event
<html>
<head>
<script language="JavaScript">
function disp_okcan()
{
// if you press OK, the res variable stores true, otherwise false
var res=confirm("Press a button");
if (res==true)
{
document.write("You pressed OK!");
}
else
{
document.write("You pressed Cancel!");
}
}
</script>
</head>
<body>
<input type="button" onclick="disp_okcan()" value=" press" />
</body>
</html>
<html>
<head>
<script language="JavaScript">
function product(a,b)
{
return a*b;
}
</script>
</head>
<body>
<script language="JavaScript">
document.write(product(4,4)); // result is 16
</script>
</body>
</html>
Form validation example with userid and password
<html>
<head>
<SCRIPT Language="JavaScript">
function validate(x)
{
// the expected values sit in the page source, where any visitor can read them
if ((x.id.value != "sen")||(x.pass.value !="sen123"))
{
alert("Invalid Login");return false;
}
else
alert("welcome");
}
</script>
</head>
<body>
<form>
<p>UserID:<input type="text" name="id"></p>
<p>Password:<input type="password" name="pass"></p>
<p><input type="button" value="Login" onClick="validate(this.form)"></p>
</form>
</body>
</html>
<html>
<head>
<SCRIPT Language="JavaScript">
function validate()
{
if(document.login.uid.value=="")
{
alert ("Please enter User Name");return false
}
if(document.login.password.value=="")
{
alert ("Please enter Password");return false
}
return true
}
function emailcheck()
{
var x=document.login.email.value
if (x.indexOf("@")==-1) // @ is missing
{
alert("You entered an invalid email address.")
document.login.email.focus()
}
}
</script>
</head>
<body>
<form name="login" onsubmit="return validate()">
<p>UserID:<input type="text" size="10" name="uid"></p>
<p>Password:<input type="password" size="10" name="password"></p>
<p>Email:<input type="text" size="20" name="email" onblur="emailcheck()"></p>
<input type="submit" name="submit" value="Submit">
</form>
</body>
</html>
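The pattern, required, min and max attributes and the validate() functions above run only in the browser, so the server has to apply the same rules again to whatever it receives. An added example of that server-side re-check (not from the book); the rule values, the level field and the sample submissions are constructed, and the uid, password and email names come from the login form above.

```javascript
// Server-side copy of the constraints the form declares with required,
// pattern, min and max. Rule values are constructed for this example;
// "level" is a hypothetical numeric field like the range inputs above.
const RULES = {
  uid: { required: true, pattern: "[A-Za-z0-9_]{3,10}" },
  password: { required: true },
  email: { required: true, pattern: "[^@\\s]+@[^@\\s]+\\.[^@\\s]+" },
  level: { required: false, pattern: "[0-9]{1,3}", min: 2, max: 95 },
};
const MAX_LENGTH = 200; // constructed upper bound for any text field

function checkField(name, rule, raw) {
  // A form post carries strings. A missing field, array or object is
  // handled as empty instead of being coerced.
  const value = typeof raw === "string" ? raw.trim() : "";
  if (value === "") return rule.required ? name + " is required" : null;
  if (value.length > MAX_LENGTH) return name + " is too long";
  // The HTML pattern attribute has to match the whole value, so the
  // server-side copy is anchored at both ends.
  if (rule.pattern && !new RegExp("^(?:" + rule.pattern + ")$").test(value)) {
    return name + " has an invalid format";
  }
  const ranged = rule.min !== undefined || rule.max !== undefined;
  const number = Number(value);
  if (ranged && !Number.isFinite(number)) return name + " must be a number";
  if (rule.min !== undefined && number < rule.min) return name + " is below " + rule.min;
  if (rule.max !== undefined && number > rule.max) return name + " is above " + rule.max;
  return null;
}

// Returns a list of problems; an empty list means the submission passed.
function validateSubmission(fields) {
  const errors = [];
  for (const [name, rule] of Object.entries(RULES)) {
    const problem = checkField(name, rule, fields[name]);
    if (problem) errors.push(problem);
  }
  return errors;
}

// Constructed submissions: one valid, one that fails four rules.
const accepted = { uid: "sen", password: "sen123", email: "sen@example.com", level: "50" };
const rejected = { uid: "", password: ["x"], email: "sen@", level: "200" };
console.log(validateSubmission(accepted));
console.log(validateSubmission(rejected));
```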
Python
Why Python
Python is a brilliant language. At a certain stage of hacking you have
to build some hacking tools, and Python is best suited for that. I am
assuming that you know at least one programming language, so I am
obviously not going to discuss the logic of programming, just
demonstrate some examples.
The Python version I use is Python 2.7.9, which is more stable than
Python 3. You can download Python from
"https://www.python.org/downloads/". I downloaded a Windows
version of Python.
Python is a general-purpose, interpreted, interactive, object-oriented
and high-level programming language. Python was created by Guido
van Rossum in the late eighties and early nineties. Like Perl, Python
source code is also now available under the GNU General Public
License (GPL).
Features of python
>Support for functional and structured programming methods as
well as OOP.
>It can be used as a scripting language or can be compiled to bytecode for building large applications.
>Very high-level dynamic data types and supports dynamic type
checking.
>Supports automatic garbage collection.
>It can be easily integrated with C, C++, COM, ActiveX, CORBA
and Java.
>>> 11
11
>>> 2+(3*2)
8
>>>
>>> 1 + 5 ; 6 - 2
6
4
>>> first = 5
>>> second = 6
>>> print first + second
11
>>> first = '10'
>>> second = '15'
>>> print first + second
1015
>>> name = raw_input('What is your name?\n')
What is your name?
Ss
>>> print name
Ss
x = 13
y = 15
print("The sum of", x, "plus", y, "is", x+y)
# if else
if a>b:
for i in [4, 6, 7, 8, 10]:
    print i
4
6
7
8
10
... print a + b
... <hit return>
3
5
7
Use of function
def happyBirthday():
>>>
Happy Birthday to you!
happyBirthday()
def happyBirthday(person):
    print("Happy Birthday to you!")
    print("Happy Birthday to you!")
    print("Happy Birthday, dear " + person + ".")
    print("Happy Birthday to you!")

def main():
    # raw_input returns the typed text as a string; in Python 2, input()
    # would evaluate whatever the user types as a Python expression
    userName = raw_input("Enter the person's name: ")
    happyBirthday(userName)

main()
Basic File Handling
A file is a place to store data sequentially. The first thing to do is
open the file. When you open a file, you can specify with parameters how
you want to open it: "r" is for reading, "w" for writing
and "a" for appending.
Example of file read
fh = open("file2.py","r")
content = fh.read()
print content
Write this and save it with the file name "file2.py".
>>>
fh = open("file2.py","r")
content = fh.read()
print content
>>>
Server-side programming
Server-side programming means programs that run on the
remote web server and then return the processed information to a
client's web browser. Some popular server-side programming
languages are Perl, PHP, Python, Ruby, JavaServer Pages,
ASP.NET, ColdFusion etc.
Below is a comparison of popularity of server-side programming
languages for websites. PHP is used by 81.5% of all the websites.
Source http://w3techs.com
<html>
<body>
<?php
echo "first program";
?>
</body>
</html>
Output : first program
<html>
<head>
<title>My First PHP Page</title>
</head>
<body>
<?php
echo "Hello World! ";
echo "Hello World! ";
echo "Hello World! ";
?>
</body>
</html>
Output : Hello World! Hello World! Hello World!
<?php
$str1= "Hello!"; // str1 is a variable, written with $
$str2= "ajit";
echo $str1;
echo $str2;
?>
Output : Hello!ajit
<?php
$addition = 5 + 6;
$subtraction = 6 - 5;
$multiplication = 5 * 3;
$division = 15 / 3;
echo "after addition: 5 + 6 = ".$addition."<br />";
echo " after subtraction: 6 - 5 = ".$subtraction."<br />";
echo " after multiplication: 5 * 3 = ".$multiplication."<br />";
echo " after division: 15 / 3 = ".$division."<br />";
?>
Output : after addition: 5 + 6 = 11
after subtraction: 6 - 5 = 1
after multiplication: 5 * 3 = 15
after division: 15 / 3 = 5
<?php
$str1= "Hello!";
$str2= "ajit";
$str3= $str1.$str2; // the . operator joins the two strings together
echo $str3;
?>
Output : Hello!ajit
<?php
//example of if else
$t1 = 10;
$t2 = 12;
if ($t1 < $t2)
{
echo $t1 ." less than " . $t2;
}
else
{
echo $t1 ." not less than " . $t2;
}
?>
Output : 10 less than 12
<?php
//example switch case
$color = "green";
switch ($color)
{
case "red":
echo "Your favorite color is red!";
break;
case "blue":
echo "Your favorite color is blue!";
break;
case "green":
echo "Your favorite color is green!";
break;
default:
echo "Your favorite color is neither red, blue, nor green!";
}
?>
Output : Your favorite color is green!
<?php
for ($i = 0; $i <= 10; $i++)
{
echo "The number is: $i\n "; //loop syntax similar to c language
}
?>
Output : The number is: 0
The number is: 1
<?php
$play = array("cricket", "football", "baseball");
echo "I like " . $play[0] . ", " . $play[1] . " and " . $play[2] . ".";
//array
?>
Output : I like cricket, football and baseball.
<!-- form name home.html -->
<html>
<body>
<!-- this form calls the submit.php file; the form method is post -->
<form action="submit.php" method="post">
Name: <input type="text" name="name"><br>
E-mail: <input type="text" name="email"><br>
<input type="submit">
</form>
</body>
</html>
<html>
<body>
T1                           T2
Roll   Name    Marks         Roll   Name      Marks
       Ana     20                   devid     23
       devid   23                   clinton   21
       alen    26                   hamid     28
Selection ( ) operation
select from T1, where marks more than 25

T1
Roll   Name   Marks
4      alen   26

T2
Roll   Name    Marks
       devid   23
       hamid   28

Projection ( ) operation
select roll and marks from T1, where marks more than 25
Algebra: Roll, Marks ( Marks>25 (T1))

Roll   Marks
4      26

select roll and marks from T2, where marks more than 23 and less than 29
Algebra: Roll, Marks ( Marks>23 and Marks<=28 (T2))

Roll   Marks
       23
       28
Set-difference
Set-difference ( T1-T2)
Set-difference ( T2-T1)

T1-T2                        T2-T1
Roll   Name    Marks         Roll   Name      Marks
       Ana     20                   clinton   21
       alen    26                   hamid     28

Roll   Name      Marks
       Ana       20
       devid     23
       alen      26
       clinton   21
       hamid     28

Intersection (T1 T2)
Roll   Name    Marks
2      devid   23
Cross-product (x)

T1                           T2
Roll   Name    Marks         Roll   Name      Marks
       Ana     20                   devid     23
       devid   23                   clinton   21

Roll   Name    Marks   Roll   Name      Marks
       Ana     20      2      devid     23
       Ana     20      3      clinton   21
       devid   23             devid     23
       devid   23             clinton   21
T1                  T2
Roll   Name         Roll   Marks
       Ana                 26
       devid               21
       alen                28

T1  T2
Roll   Name    Marks
       devid   26

T1  T2
Roll   Name    Marks
       Ana     NULL
       devid   26
       alen    NULL

T1  T2                       T1  T2
Roll   Name    Marks         Roll   Name    Marks
       Ana     NULL                 devid   26
       devid   26                   NULL    21
       alen    NULL                 NULL    28
       NULL    21
       NULL    28
T1
Roll
Name
Marks
Name
Marks
Ana
20
1st row
devid
23
2nd row
Name
Marks
Ana
20
devid
23
T1                  T2
Roll   Name         Roll   Marks
       Ana                 26
       devid               21
       alen                28

T1                           T2
Roll   Name    Marks         Roll   Name      Marks
       Ana     20                   devid     23
       devid   23                   clinton   21
       alen    26                   hamid     28
Selection ( ) operation
select from T1, where marks more than 25
hamid 28
Projection ( ) operation
select roll and marks from T1, where marks more than 25
Algebra: Roll, Marks ( Marks>25 (T1))
SQL: select Roll, Marks
from T1
where Marks >25;
Roll   Marks
       26

Roll   Marks
       23
       28

Set-difference
Set-difference ( T1-T2)
SQL: (select * from T1)
Minus
(select * from T2)
Set-difference ( T2-T1)
SQL: (select * from T2)
Minus
(select * from T1)

T1-T2                        T2-T1
Roll   Name    Marks         Roll   Name      Marks
       Ana     20                   clinton   21
       alen    26                   hamid     28
Roll   Name      Marks
       Ana       20
       devid     23
       alen      26
       clinton   21
       hamid     28

Intersection (T1 T2)
Roll   Name    Marks
       devid   23

T1                           T2
Roll   Name    Marks         Roll   Name      Marks
       Ana     20                   devid     23
       devid   23                   clinton   21

Roll   Name    Marks   Roll   Name      Marks
       Ana     20      2      devid     23
       Ana     20      3      clinton   21
       devid   23             devid     23
       devid   23             clinton   21
T1                  T2
Roll   Name         Roll   Marks
       Ana                 26
       devid               21
       alen                28

T1.Roll= T2.Roll)

T1  T2
Roll   Name    Marks
       Devid   23

T1  T2
Roll   Name    Marks
       Ana     NULL
       devid   23
       alen    NULL

T1  T2                       T1  T2
Roll   Name    Marks         Roll   Name    Marks
       Ana     NULL                 devid   23
       devid   23                   NULL    21
       alen    NULL                 NULL    28
       NULL    21
       NULL    28