Skip to main content

Concept of hacking,phases and its types in securetecho

1.3 Hacking Concepts, Types, and Phases in securetecho

What is Hacking?

  • Hacking refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to the system resources.
  • It involves modifying system or application features to achieve a goal outside of the creator's original purpose.
  • Hacking can be used to steal, pilfer, and redistribute intellectual property leading to business loss.

Who is a Hacking?

  • Intelligent individuals with excellent computer skills, with the ability to create and explore into the computer's software and hardware.
  • For some hackers, hacking is a hobby to see how many computers or networks they can compromise.
  • Their intention can either be to gain knowledge or to poke around to do illegal things.
  • Some do hacking with malicious intent behind their escapades, like stealing business data, credit card information, social security numbers, email passwords, etc.

Hacker Classes

  • Black Hats: Individuals with extraordinary computing skills, resorting to malicious or destructive activities and are also known as crackers.
  • White Hats: Individuals professing hacker skills and using them for defensive purposes and are also known as security analysts.
  • Gray Hats: Individuals who work both offensively and defensively at various times.
  • Suicide Hackers: Individuals who aim to bring down critical infrastructure for a "cause" and are not worried about facing jail terms or any other kind of punishment.
  • Script Kiddies: An unskilled hacker who compromises system by running scripts, tools, and software developed by real hackers.
  • Cyber Terrorists: Individuals with wide range of skills, motivated by religious or political beliefs to create fear by large-scale disruption of computer networks.
  • State Sponsored Hackers: Individuals employed by the government to penetrate and gain top-secret information and to damage information systems of other governments.
  • Hacktivist: Individuals who promote a political agenda by hacking, especially by defacing or disabling websites.

Hacking Phases: Reconnaissance

  • Reconnaissance refers to the preparatory phase where an attacker seeks to gather information about a target prior to launching an attack.
  • Could be the future point of return, noted for ease of entry for an attack when more about the target is known on a broad scale.
  • Reconnaissance target range may include the target organization's clients, employees, operations, network, and systems.
  • Reconnaissance Types:
    • Passive Reconnaissance:
      • Passive Reconnaissance involves acquiring information without directly interacting with the target.
      • For example, searching public records or news releases.
    • Active Reconnaissance:
      • Active Reconnaissance involves interacting with the target directly by any means.
      • For example, telephone calls to the help desk or technical department.

Hacking Phases: Scanning

  • Pre-Attacks Phase: Scanning refers to the pre-attack phase when the attacker scans the network for specific information on the basis of information gathered during reconnaissance.
  • Port Scanner: Scanning can include use of dialers, port scanners, network mappers, ping tools, vulnerability scanners, etc.
  • Extract Information: Attackers extract information such as live machines, port, port status, OS details, device type, system uptime, etc. to launch attack.

Hacking Phases: Gaining Access

  • Gaining access refers to the point where the attacker obtains access to the operating system or applications on the computer or network.
  • The attacker can gain access at operating system level, application level, or network level.
  • The attacker can escalate privileges to obtain complete control of the system. In the process, intermediate systems that are connected to it are also compromised.
  • Example include password cracking, buffer overflows, denial of service, session hijacking, etc.

Hacking Phases: Maintaining Access

  • Maintaining access refers to the phase when the attacker tries to retain his or her ownership of the system.
  • Attackers may prevent the system from being owned by other attackers by securing their exclusive access with Backdoors, RootKits, or Trojans.
  • Attackers can upload, download, or manipulate data, applications, and configurations on the owned system.
  • Attackers use the compromised system to launch further attacks.

Hacking Phases: Clearing Tracks

  • Covering tracks refers to the activities carried out by an attacker to hide malicious acts.
  • The attacker's intentions include: Continuing access to the victim's system, remaining unnoticed and uncaught, deleting evidence that might lead to his prosecution.
  • The attacker overwrites the server, system, and application logs to avoid suspicion.
  • Attackers always cover tracks to hide their identity.

WE CAN LEARN ABOUT PROFASSIONAL HACKING VISIT ON MY SITE SECURETECHO.

Comments

Post a Comment

Popular posts from this blog

how to crack wifi password using fern wifi cracker in securetecho

HOW TO HACK wifi USING fern wifi cracker Step 1 –  Go to Backtrack - Exploitation Tools - Wireless Exploitation Tools - WLAN Exploitation - Fern Wi-Fi Cracker.   Now following application will be seen.                                     Step 2 - Now select the interface as wlan0 and Refresh it.   Now click on “OK” after the box appears.    Step 3 –    Now click on “Scan for Access points”    Step 4 –  After that it will show list of Detected signals    Step 5 –     Now click on WEP box                                    Following screen will show like this.    Step 6 –  Now choose the Attack option as you wish to do like,  A. Arp Reques...
Post a Comment
Read more

Ethical Hacking Concepts and Scope in securetecho

1.4 Ethical Hacking Concepts and Scope in Securetecho What is  Ethical Hacking ? Ethical hacking involves the use of hacking tools, tricks, and techniques to  identify vulnerabilities  so as to ensure system security. It focuses on simulating techniques used by attackers to  verify the existence of exploitable vulnerabilities  in the system security. Ethical hackers performs security assessment of their organization  with the permission of concerned authorities . Why  Ethical Hacking  is Necessary To beat a hacker, you need to think like one! Ethical hacking is necessary as it  allows to counter attacks from malicious hackers  by anticipating methods used by them to break into a system. Reasons why Organizations Recruit Ethical Hackers : To  prevent hackers  from gaining access to organization's information. To  uncover vulnerabilities  in systems and explore their potential as a risk. To an...
Post a Comment
Read more

Ethical hacking with full description in securetecho

                           ETHICAL HACKING Ethical hacking  refers to the act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious  hackers .  Ethical hacking  is also known as penetration testing. An  ethical  hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit. TOOLS FOR ETHICAL HACKING:               NMAP. Nmap stands for Network Mapper. ...     Metasploit. Metasploit is one of the most powerful exploit tools. ...     Burp Suit. Burp Suite is a popular platform that is widely used for performing security            testing ...
1 comment
Read more