
Ethical Hacking Tutorial - Process (Phases, Steps to take to Hack any Hackable Hacking) 




Ethical hacking has a set of distinct phases, which help hackers structure an ethical hacking attack.

Different security training manuals, hacking course PDFs, cracking tutorials and many more explain the process of ethical hacking in different ways, but as for me and my little knowledge, and as a Certified Ethical Hacker, the entire process can be categorized into the following 5 phases of hacking, listed below.


 



Here are the 5 Phases of Hacking:

| Phase No. | Phase Type | Short Note |
|---|---|---|
| Phase 1 | Reconnaissance | Reconnaissance is the phase where the attacker gathers information about a target using active or passive means. The tools that are widely used in this process are NMAP, Hping, Maltego, and Google Dorks. |
| Phase 2 | Scanning | In this process, the attacker begins to actively probe a target machine or network for vulnerabilities that can be exploited. The tools used in this process are Nessus, Nexpose, and NMAP. |
| Phase 3 | Gaining Access | In this process, the vulnerability is located and you attempt to exploit it in order to enter the system. The primary tool that is used in this process is Metasploit. |
| Phase 4 | Maintaining Access | This is the process where the hacker has already gained access to a system. After gaining access, the hacker installs some backdoors in order to re-enter the owned system when he needs access in the future. Metasploit is the preferred tool in this process. |
| Phase 5 | Clearing Tracks | This process is actually an unethical activity. It has to do with the deletion of logs of all the activities that take place during the hacking process. |

Take Note: "As I always say, any hacking tutorial found on Qtechpluz.com is not to motivate you to hack and shut down any system or website but to provide a general idea of how the daily hacks are performed and to protect yourself from getting hacked."

In today's tutorial, I will discuss the 5 steps of hacking, taking the example of a hacker trying to hack a company's server and gain access to all the company's data.


 

Here is the 5-step process a hacker takes:


Phase 1. Reconnaissance: Reconnaissance is the first phase to look into, because this is where the hacker does their best to collect information about the target. This includes:
  1. Identifying the target,
  2. Finding out the target's IP address range,
  3. Operating system,
  4. Network,
  5. DNS records, etc.
For instance, suppose you are a hacker, attacker or cracker and you want the contacts behind a person's, an organization's or a government's website. The best tool to use is a search engine like Maltego, researching the target, say a website (checking links, jobs, job titles, email, news, etc.), or a tool like HTTrack to download the entire website for later enumeration. With these, the hacker is able to determine the following: staff names, positions, and email addresses.

Reconnaissance takes place in two parts: Active Reconnaissance and Passive Reconnaissance.

  • Active Reconnaissance: In this process, you directly interact with the computer system to gain information. This information can be relevant and accurate, but there is a risk of getting detected if you are planning active reconnaissance without permission. If you are detected, the system admin can take severe action against you and trace your subsequent activities.

  • Passive Reconnaissance: In this process, you are not directly connected to a computer system. It is used to gather essential information without ever interacting with the target systems.


 

Phase 2. Scanning: This phase is commonly used by most hackers in the world, and it includes the use of tools like dialers, port scanners, network mappers, sweepers, and vulnerability scanners to scan the targeted database. Hackers seek any available information that can help them perpetrate an attack, such as:
  1. computer names,
  2. IP addresses,
  3. user accounts.
Now that the hacker has some basic information about the target, the hacker moves to the next phase and begins to test the network for other avenues of attack. The hacker decides to use a couple of methods to help map the network (e.g. Kali Linux, Maltego, and finding an email address to contact to see what email server is being used). The hacker looks for an automated email if possible or, based on the information gathered, may decide to email HR with an inquiry about a job posting.

Phase 3. Gaining Access: At this point, the hacker designs the blueprint of the target's network with the help of the data collected during Phase 1 and Phase 2. The hacker has finished enumerating and scanning the network and now decides that they have some options to gain access to the network.
For instance, let us assume that the hacker chooses a phishing attack: The hacker decides to play it safe and use a simple phishing attack to gain access. The hacker decides to infiltrate from the IT department. They see that there have been some recent hires who are likely not up to speed on the procedures yet. A phishing email will be sent to the techs by a program, using the CTO's actual email address. The email contains a link to a phishing website that will collect their login details, which include user IDs and passwords. Using any number of options (phone app, website email spoofing, Zmail, etc.) the hacker sends an email asking the users to log in to a new Google portal with their credentials. They already have the Social Engineering Toolkit running and have sent an email with the server address to the users, masking it with a bitly, goo.gl, t.co or tinyurl link.
Other options include creating a reverse TCP/IP shell in a PDF using Metasploit or WPS Office (may be caught by a spam filter). Looking at the event calendar, they can set up an Evil Twin router and try a Man in the Middle attack on users to gain access. A variant of a Denial of Service attack, stack-based buffer overflows, and session hijacking may also prove to be great.
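From the defender's side, the two signals in the phishing scenario above (an internal executive address that fails sender authentication, and a link hidden behind a shortener) can be checked at the mail gateway. The following is an added example, not code from the original tutorial; the domain example.com, the sample message and the function names are assumptions made for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Shortener hosts named in the article; extend the set for your environment.
SHORTENERS = {"bit.ly", "bitly.com", "goo.gl", "t.co", "tinyurl.com"}
INTERNAL_DOMAIN = "example.com"  # assumption: the organisation's own mail domain
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def auth_failures(msg):
    """SPF/DKIM/DMARC results that are not 'pass'. Only trust an
    Authentication-Results header stamped by your own mail gateway."""
    auth = str(msg.get("Authentication-Results", "")).lower()
    failed = []
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        result = m.group(1) if m else "missing"
        if result != "pass":
            failed.append(f"{mech}={result}")
    return failed

def shortened_links(msg):
    """URLs in the body whose host is a known link shortener."""
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""
    return [u for u in URL_RE.findall(text)
            if (urlparse(u).hostname or "").lower() in SHORTENERS]

def triage(raw):
    """Return a dict of findings for one raw message (empty dict = nothing flagged)."""
    msg = message_from_string(raw, policy=policy.default)
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    findings = {}
    # A message claiming an internal sender must authenticate as one.
    if sender.endswith("@" + INTERNAL_DOMAIN) and auth_failures(msg):
        findings["unauthenticated_internal_sender"] = auth_failures(msg)
    if shortened_links(msg):
        findings["shortened_links"] = shortened_links(msg)
    return findings

# Constructed sample modelled on the scenario above (not a real message).
SAMPLE = (
    'From: "CTO" <cto@example.com>\n'
    "To: tech1@example.com\n"
    "Subject: New Google portal\n"
    "Authentication-Results: mx.example.com; spf=fail; dkim=none; dmarc=fail\n"
    "Content-Type: text/plain\n\n"
    "Please log in with your credentials: https://tinyurl.com/constructed-example\n"
)

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Messages that trip both findings are candidates for quarantine and for a report back to the named sender.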


 

Phase 4. Maintaining Access: Now that the hacker has succeeded in phases 1, 2 and 3 and has gained login access, they want to keep that access for future exploitation and attacks. Once the hacker owns the system, they can use it as a base to launch additional attacks.
In this case, the owned system is sometimes referred to as a zombie system. Now that the hacker has access to multiple e-mail accounts, the hacker begins to test the accounts on the domain. From this point, the hacker creates a new administrator account for themselves based on the naming structure and tries to blend in. As a precaution, the hacker begins to look for and identify accounts that have not been used for a long time. The hacker assumes that these accounts are likely either ignored, forgotten or not used, so they change the password and elevate privileges to administrator, keeping it as a secondary account in order to maintain access to the network. The hacker may also send out emails to other users with an exploited file, such as a PDF with a reverse shell, in order to extend their possible access. No overt exploitation or attacks will occur at this time. If there is no evidence of detection, a waiting game is played, letting the victim think that nothing was disturbed. With access to an IT account, the hacker begins to make copies of all emails, appointments, contacts, instant messages, and files to be sorted through and used later.
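The account changes described in this phase (a new administrator account, and a long-unused account that gets a password change and then administrator rights) leave a recognisable sequence in directory audit events. The following is an added detection example, not part of the original tutorial; the event tuples, account names and both thresholds are constructed assumptions.

```python
from datetime import datetime, timedelta

DORMANT = timedelta(days=90)   # assumption: idle time after which an account counts as dormant
FOLLOW_UP = timedelta(days=1)  # assumption: how soon an admin grant must follow to be linked

def audit(events):
    """events: time-ordered (timestamp, kind, account) tuples.
    On Windows the kinds map to Security events 4624 (logon), 4720 (created),
    4724 (password_reset) and 4728/4732 (admin_granted via group membership)."""
    last_seen, created, reset_while_dormant, alerts = {}, {}, {}, []
    for ts, kind, acct in events:
        if kind == "logon":
            last_seen[acct] = ts
        elif kind == "created":
            created[acct] = last_seen[acct] = ts
        elif kind == "password_reset":
            seen = last_seen.get(acct)
            if seen is not None and ts - seen >= DORMANT:
                reset_while_dormant[acct] = ts
                alerts.append((acct, "password reset on dormant account"))
        elif kind == "admin_granted":
            if acct in reset_while_dormant and ts - reset_while_dormant[acct] <= FOLLOW_UP:
                alerts.append((acct, "dormant account elevated to administrator"))
            elif acct in created and ts - created[acct] <= FOLLOW_UP:
                alerts.append((acct, "new account created as administrator"))
    return alerts

# Constructed sample events (not real log data).
T = datetime(2024, 5, 1, 9, 0)
EVENTS = [
    (T - timedelta(days=200), "logon", "j.doe"),
    (T - timedelta(days=2), "logon", "a.smith"),
    (T, "password_reset", "a.smith"),  # active user, routine reset: no alert
    (T + timedelta(hours=1), "password_reset", "j.doe"),
    (T + timedelta(hours=2), "admin_granted", "j.doe"),
    (T + timedelta(hours=3), "created", "svc.backup2"),
    (T + timedelta(hours=3, minutes=5), "admin_granted", "svc.backup2"),
]

if __name__ == "__main__":
    for account, reason in audit(EVENTS):
        print(account, "-", reason)
```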

Phase 5. Clearing Tracks: Prior to the attack, the hacker would change their MAC address and run the cracking machine through different types of VPN to help cover their identity. They will not deliver a direct attack or use any scanning technique that would be deemed "noisy".
Once access is gained and privileges have been escalated, the hacker seeks to cover their tracks. This includes clearing out sent emails, clearing browsing history, clearing browsing data, clearing cookies and data, clearing server logs, temp files, etc. The hacker will also look for indications of the email provider alerting the user to possible unauthorized logins under their account.


How to Protect Yourself from Being Hacked: Things to Do and Not to Do



 

  • social media that can be related to challenge questions cannot be broken by brute force or guessing.
  • authentication when possible. requests emails.
  • Services like Heroku, Gmail, Hotmail, Yahoo mail and others will not request to type in passwords for additional promotion or service.
  • Verify source of contact.
  • never click on batch files.
  • background services that are running in your device and never rely on others’ device.
  • installed and set root passwords for installation.
  • clean the cache.

If you notice any hacking activity on your server, please inform the service provider.
