PDA

View Full Version : Computer Hacking Questions



Putputt
03-26-2014, 07:39 PM
Hellossss computer experts of AW! I have a few queshuns about hacking. Thank you very much for your time!

1. If you hack into someone's computer, would you leave a trace? Would the person be able to trace it back to you?

2. If there is a trace, would it be possible to manipulate the trace so that it traces to a different computer? Would there be evidence of such manipulation having occured?

3. Would it be easier to hack using a physical keylogger planted in the person's computer? What if it's a laptop?

4. If you used a physical keylogger, would it be easy to trace it back to you?

Thankyewssss!

ETA: More details!

The hacker needs to have continual access to the computer. If possible, I need a trace which can be manipulated to trace back to a different computer (so that the hacker can frame someone else for it), but it is preferable if there is at least evidence of a manipulation (so that someone else can figure out that the trace is a false one). Would that be doable?

-The hacker is a 17-yr-old girl in a boarding school. She is hacking into a teacher's computer (she can break into his office if needed, so if a physical keylogger works better, then that can be achieved) to access his files and steal test papers. She'd probably want to access his computer about once a week, just to copy the files. She doesn't need to edit or add new files.

-Since they're at a boarding school, they're all on the same wireless network. Her computer is probably registered under a user name and ID given by the school. Is there a way that she could mask that, or redirect the trace (if there is one) to, say, another student? (But it needs to be able to be traced.)

Maxx B
03-26-2014, 08:37 PM
Hi,

It all depends on how the person accessed the computer and what defenses were in place.

Physical access: Other than fingerprints, DNA or CCTV, I could probably boot your computer with a second external operating system, like Linux on a CD or USB pen drive and take a copy of your hard drive and you would never know. If I booted your computer with the installed operating system (e.g. Windows) there will be basic entries in log files, but nothing traceable. You could tell someone had used the PC but not much else.
There are some security programs that use the PCs web cam to take a photo or movie of people logging in to a PC, you could use this idea if you want the person found.

Remote access: To access a computer via the Internet, you would either have to have access through the PCs network firewall or trick the user into going to a compromised web site that allowed the bad guys to take control of the PC. Most domestic firewalls are set up to block remote access out of the box, so you would need to find a reason for the PC owner to either disable the firewall or open the appropriate ports and configure port forwarding.
Better would be for the attacker to get a virus onto the PC. It is not unusual for people to be less than careful with keeping antivirus software up to date. In a corporate environment, this scenario is less likely.

Hacking is not as simple as the movies make it out to be, what might be easier for us to help with, it if you post the results you are trying to achieve and then we can suggest ways that it could be accomplished.

Putputt
03-26-2014, 08:58 PM
Hi,

It all depends on how the person accessed the computer and what defenses were in place.

Physical access: Other than fingerprints, DNA or CCTV, I could probably boot your computer with a second external operating system, like Linux on a CD or USB pen drive and take a copy of your hard drive and you would never know. If I booted your computer with the installed operating system (e.g. Windows) there will be basic entries in log files, but nothing traceable. You could tell someone had used the PC but not much else.
There are some security programs that use the PCs web cam to take a photo or movie of people logging in to a PC, you could use this idea if you want the person found.

Remote access: To access a computer via the Internet, you would either have to have access through the PCs network firewall or trick the user into going to a compromised web site that allowed the bad guys to take control of the PC. Most domestic firewalls are set up to block remote access out of the box, so you would need to find a reason for the PC owner to either disable the firewall or open the appropriate ports and configure port forwarding.
Better would be for the attacker to get a virus onto the PC. It is not unusual for people to be less than careful with keeping antivirus software up to date. In a corporate environment, this scenario is less likely.

Hacking is not as simple as the movies make it out to be, what might be easier for us to help with, it if you post the results you are trying to achieve and then we can suggest ways that it could be accomplished.

Thank you! Hrmm, let's see...

The hacker needs to have continual access to the computer. If possible, I need a trace which can be manipulated to trace back to a different computer (so that the hacker can frame someone else for it), but it is preferable if there is at least evidence of a manipulation (so that someone else can figure out that the trace is a false one). Would that be doable? Thank you!!

Bing Z
03-26-2014, 09:10 PM
I remember reading about a hacker who used to steal data from blackmarket hackers. He typically rented a hotel room near some good Wifi sources (like office towers) in San Francisco and used those wifi connections. And he changed hotels quite often ;). Those crimals he'd been stealing from and the FBI had been tracking him for years without success. IIRC he finally got caught cuz his partner buying goods off stolen credit cards left traces for the feds. I'm not sure if I've kept the name of this guy. Lemme know if you want it.

Another common way of doing serious hacking business is to hack into or have dumb users download malware into their computers, then hijack those computers (I think they're called zombies from then on) to do illegal hacking. This route probably fits you better. The feds will trace back but they likely will catch the innocent guys (or not, these guys want porn and get bugs). Then they trace from the zombies to Nigeria/Kenya... From then you can have it work either way. But you'll need a more technical source to guide you through...

onesecondglance
03-26-2014, 09:34 PM
The hacker needs to have continual access to the computer.

Access for what - to spy on what they're doing? Or do they need copies of the files? Or do they need to edit or add new files too?

It might be easiest to describe the plot points in question. :)

melindamusil
03-26-2014, 09:40 PM
Another common way of doing serious hacking business is to hack into or have dumb users download malware into their computers, then hijack those computers (I think they're called zombies from then on) to do illegal hacking. This route probably fits you better. The feds will trace back but they likely will catch the innocent guys (or not, these guys want porn and get bugs). Then they trace from the zombies to Nigeria/Kenya... From then you can have it work either way. But you'll need a more technical source to guide you through...

This is one of the most common forms of hacking. The hacker will email the user a trojan horse, which is a type of malware that gets onto your computer by appearing to be something non-threatening. For example, the email may say something like "download this to get a bunch of free porn", or "download this to access your winnings from the Nigerian lottery". But instead of giving them free porn or money, the malware might install a keystroke logger (which would allow the hacker to see everything the user does on the computer), steal banking information, encrypt files and demand a ransom payment to get the files back, or allow the hacker to control the computer remotely.

Also, it doesn't HAVE to promise free porn or money. It just has to look legitimate enough to convince the user to download it.

I am pretty sure this is how the US government (don't know which branch) has previously succeeded in getting malware onto government computers in Iran.

Putputt
03-26-2014, 09:42 PM
I remember reading about a hacker who used to steal data from blackmarket hackers. He typically rented a hotel room near some good Wifi sources (like office towers) in San Francisco and used those wifi connections. And he changed hotels quite often ;). Those crimals he'd been stealing from and the FBI had been tracking him for years without success. IIRC he finally got caught cuz his partner buying goods off stolen credit cards left traces for the feds. I'm not sure if I've kept the name of this guy. Lemme know if you want it.

Another common way of doing serious hacking business is to hack into or have dumb users download malware into their computers, then hijack those computers (I think they're called zombies from then on) to do illegal hacking. This route probably fits you better. The feds will trace back but they likely will catch the innocent guys (or not, these guys want porn and get bugs). Then they trace from the zombies to Nigeria/Kenya... From then you can have it work either way. But you'll need a more technical source to guide you through...

Omg, that sounds so high-tech and cool! I'm not sure if my hacker is talented enough to do that... Bwuuhhhh. :D


Access for what - to spy on what they're doing? Or do they need copies of the files? Or do they need to edit or add new files too?

It might be easiest to describe the plot points in question. :)

Dohhh, I'm such a noob I had no idea the distinction matters! Okay, more details here:

-The hacker is a 17-yr-old girl in a boarding school. She is hacking into a teacher's computer (she can break into his office if needed, so if a physical keylogger works better, then that can be achieved) to access his files and steal test papers. She'd probably want to access his computer about once a week, just to copy the files. She doesn't need to edit or add new files.

-Since they're at a boarding school, they're all on the same wireless network. Her computer is probably registered under a user name and ID given by the school. Is there a way that she could mask that, or redirect the trace (if there is one) to, say, another student?

melindamusil
03-26-2014, 09:52 PM
Dohhh, I'm such a noob I had no idea the distinction matters! Okay, more details here:

-The hacker is a 17-yr-old girl in a boarding school. She is hacking into a teacher's computer (she can break into his office if needed, so if a physical keylogger works better, then that can be achieved) to access his files and steal test papers. She'd probably want to access his computer about once a week, just to copy the files. She doesn't need to edit or add new files.

-Since they're at a boarding school, they're all on the same wireless network. Her computer is probably registered under a user name and ID given by the school. Is there a way that she could mask that, or redirect the trace (if there is one) to, say, another student?

FYI - My mom is a teacher, and I've helped several of the teachers at her school with computer stuff. I think this is a plus for you, because in my experience, teachers as a whole are not very tech savvy. (Seriously- I've had to teach some of them how to "copy" and "paste"!) The exception would be if the teacher you want to hack teaches technology classes, though that can just add a layer of challenge, if you want. It is MUCH easier to hack a computer idiot than to hack, say, Edward Snowden.

Telergic
03-26-2014, 10:12 PM
All she needs to do is walk into the office and insert a thumb drive to copy the files. Unless the teacher was paranoid and had nonstandard security there would be virtually no trace of the copying action.

In this case the only "hacking" required would be the teacher's password to log in. There might be a log of logins, but no way to identify who had logged in, and the odds are something like a million to one against anyone at the school even knowing the log exists. Nobody at an ordinary school would have the skills to detect simple data theft like this.

With slightly more audacity and risk, not even the password is needed, as the "hacker" could just wait for the teacher to go to a staff meeting or to lunch, and again it's almost certain that the teacher doesn't manually log out, just lets the screen saver kick in after 5 or 10 minutes.

If you want to convey some sense of leet skillz from the hacker, she can place a tiny camera covering the computer to capture the password by actually watching the teacher's fingers on the keys or to monitor the teacher's comings and goings.

Maxx B
03-26-2014, 10:24 PM
This method should be achievable by someone with some computer aptitude and time to do the research.

As both computers are on the same network, it is unlikely that there would be lots of security, beyond antivirus and malware. Most IT staff will have installed software or opened up ports on all networked computers for remote support. Nobody I know in the industry, myself included likes to walk all the way to a userís PC for a simple fix.

Your hacker only has to find out how the remote support software works. Social engineering is the key here. She could make friends with one of the IT staff and learn that way. She could delete files on her PC and then as the IT folks connect remotely, she can then find out what system they use.

She will also need a username and password with admin rights. Two ways here, either a careless IT worker leaves him/herself logged in whilst fixing a classroom PC, maybe to take a bathroom break. The second, she watches the IT person to get their password as he/she is working. Once she has access she can make her own admin password. She should not use the IT personís password very often as that would be spotted fairly quickly, but used once to make a new fake admin account would work.

Once she has her password, she can log in remotely and install a software key logger or take copies of files etc. To hide her location she can change her computerís IP address to that of the person she is trying to frame. As long as that personís PC is turned off, the network will accept it. She could ultimately be traced via her computerís MAC address when the plot calls for it. The IT staff could feasibly have network logs monitoring this. They would not be routinely monitored so it wouldnít show up unless they were looking for the cause of a problem.

If you want it to sound more high tech then we can get more technical, but the above scenario provides continual access, a method to hide her activities and a mechanism to trace her when the time comes. Having worked in the IT industry and as a lecturer, all of the above would be possible on an average school network.

NeuroGlide
03-26-2014, 11:13 PM
Omg, that sounds so high-tech and cool! I'm not sure if my hacker is talented enough to do that... Bwuuhhhh. :D

They make prewritten scripts to automate the processs for newbies. That's how they got the name script kiddies.


-The hacker is a 17-yr-old girl in a boarding school. She is hacking into a teacher's computer (she can break into his office if needed, so if a physical keylogger works better, then that can be achieved) to access his files and steal test papers. She'd probably want to access his computer about once a week, just to copy the files. She doesn't need to edit or add new files.

-Since they're at a boarding school, they're all on the same wireless network. Her computer is probably registered under a user name and ID given by the school. Is there a way that she could mask that, or redirect the trace (if there is one) to, say, another student?

If she has physical access to the computer it's easy. A shared computer has the password written down somewhere. If it a personal computer or file access is restricted by user/password combo, then there are a half dozen generic passwords before you start guessing pet names. Or you look for an admin account/password probably taped to the bottom of a drawer.

Even if they've got the computer locked down five way to Sunday, you can still get in. Computers by default check their CD/DVD drive for bootable media before booting from their hard drive. Place a CD/DVD with a live (bootable) linix distro in there and reboot and it will run off that. Once it boots up into linix, it's your computer. Reboot after you're done and no trace left at all.

Wilde_at_heart
03-27-2014, 12:11 AM
Omg, that sounds so high-tech and cool! I'm not sure if my hacker is talented enough to do that... Bwuuhhhh. :D



Dohhh, I'm such a noob I had no idea the distinction matters! Okay, more details here:

-The hacker is a 17-yr-old girl in a boarding school. She is hacking into a teacher's computer (she can break into his office if needed, so if a physical keylogger works better, then that can be achieved) to access his files and steal test papers. She'd probably want to access his computer about once a week, just to copy the files. She doesn't need to edit or add new files.

-Since they're at a boarding school, they're all on the same wireless network. Her computer is probably registered under a user name and ID given by the school. Is there a way that she could mask that, or redirect the trace (if there is one) to, say, another student?

If she can break into the office, one of the easiest ways to 'hack' into someone else's computer is to figure out their password.

In one WIP of mine, the MC finds it scribbled onto a blotter pad under the guy's keyboard. Others use their dog or spouse's name along with birth-dates or other stuff that can be fairly easily guessed.

Such a thing could probably be done remotely as well (or shouldn't be too difficult to find whatever VPN access this teacher uses) and wouldn't likely be detected unless the IT staff had a very good reason to be nosy.

benbradley
03-27-2014, 12:31 AM
...
I am pretty sure this is how the US government (don't know which branch) has previously succeeded in getting malware onto government computers in Iran.
You're surely talking about Stuxnet, which transmitted itself in many ways, including flash/thumb drives, which is supposedly how it got on the target computers, which were not on the Internet. Like a lot of people running stuff on work computers, the operators loaded games and whatever onto the computers to use for their own purposes (maybe they were writing novels), and Stuxnet rode along.
http://en.wikipedia.org/wiki/Stuxnet

Too many people leave Windows' "autoexec" function on (which it is by default), which lets any CD, DVD or flash drive run and install something on the computer just by being plugged in.

They make prewritten scripts to automate the processs for newbies. That's how they got the name script kiddies.
This is another point, she's going to have all sorts of traces on her computer of what she did. Also, there will be traces online from whatever search engines she used and likely other places online, so even if she formatted the hard drive of the computer she used, there are surely traces left online. But this wouldn't be found unless some government agency suspected her of something.

robjvargas
03-27-2014, 12:42 AM
Don't forget the savvy of the victim. How likely is the teacher to figure out that a hack has taken place?

I've cleaned three dozen bits of ugly code from the computer of one user who continued to swear there were no viruses or other badware on their PC.

Duncan J Macdonald
03-27-2014, 03:30 PM
So far, this has been an interesting discussion. However, I do believe the OP is looking for a simpler resooution.

1. If the MC has physical access to the teacher's office, then a physical key-logger is the easiest and best way of getting userid and password information. Once she has that, any follow-on visit to the office will get her access to anything she wants.

2. The campus is on a single wi-fi network. (even if the school is only one building, that stretches my suspension of disbelief a tad). The wi-fi router keeps a log of all MACs that access it, along with the IP address assigned. The MC has already had success with a physical access attack -- I believe that she would use the same method to gain access to a classmate's computer, and plant evidence (or even really try to remotely log into the teacher's computer) tthat points to her classmate.

3. All traceable data would show that the classmate's computer made the attempt to hack into the teacher's machine.

4. To eventually catch the MC, just have someone find her key-logger and turn it into whoever needs to have it for plot reasons.

Maxx B
03-27-2014, 03:38 PM
2. The campus is on a single wi-fi network. (even if the school is only one building, that stretches my suspension of disbelief a tad). The wi-fi router keeps a log of all MACs that access it, along with the IP address assigned. The MC has already had success with a physical access attack -- I believe that she would use the same method to gain access to a classmate's computer, and plant evidence (or even really try to remotely log into the teacher's computer) that points to her classmate.


You can configure multiple APs (Access Points) to expand a single wifi network over a large area.

Bing Z
03-27-2014, 04:55 PM
Student hacks into teacher computer, changes grades (http://eyeofthetigernews.com/660978), even with some details in layman terms.