Steps of Hacking

Understanding the Steps of Ethical Hacking

For an overview of the process, let’s look at the steps of ethical hacking to see where footprinting fits in
as well as what future phases hold.

Phase 1: Footprinting

Footprinting is the first phase of the ethical hacking process and is the subject of this chapter. This
phase consists of passively and actively gaining information about a target. The goal is to gather as much
information as is reasonable and useful about a potential target with the objective of getting enough
information to make later attacks more accurate. The end result should be a profile of the target that is
a rough picture but one that gives enough data to plan the next phase of scanning. Information that can
be gathered during this phase includes the following:

IP address ranges

Namespaces

Employee information

Phone numbers

Facility information

Job information

Footprinting takes advantage of information that is carelessly exposed or inadvertently disposed of.

Phase 2: Scanning

Phase 2 is scanning, which focuses on an active engagement of the target with the intention of
obtaining more information. Scanning the target network will ultimately locate active hosts that can
then be targeted in a later phase. Footprinting helps identify potential targets, but not all may be viable
or active hosts. Once scanning determines which hosts are active and what the network looks like, a
more refined process can take place. During this phase tools such as these are used:

Pings

Ping sweeps

Port scans

Tracert
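
As an added example (not from the original text), the ping sweeps and port scans listed above can be recognized from the defender's side in connection logs: the code flags a source that touches many hosts with ICMP, or many ports on one host, within a short window. The log layout, the thresholds, and the function names are assumptions made for this illustration.

```python
from collections import defaultdict

# Constructed sample lines; the "<epoch> <src> <dst> <proto> <dport>" layout is
# an assumption for this example, not any real product's log format.
SAMPLE_LOG = """\
1000 203.0.113.7 10.0.0.1 icmp -
1001 203.0.113.7 10.0.0.2 icmp -
1002 203.0.113.7 10.0.0.3 icmp -
1003 203.0.113.7 10.0.0.4 icmp -
1004 203.0.113.7 10.0.0.5 icmp -
1010 198.51.100.9 10.0.0.5 tcp 21
1011 198.51.100.9 10.0.0.5 tcp 22
1012 198.51.100.9 10.0.0.5 tcp 23
1013 198.51.100.9 10.0.0.5 tcp 80
1014 198.51.100.9 10.0.0.5 tcp 443
1020 192.0.2.44 10.0.0.5 tcp 443
malformed line
"""

def parse(line):
    """Return (ts, src, dst, proto, dport), or None if the line is malformed."""
    p = line.split()
    if len(p) != 5 or not p[0].isdigit():
        return None
    return int(p[0]), p[1], p[2], p[3].lower(), p[4]

def detect_scans(log_text, window=60, min_hosts=5, min_ports=5):
    """Flag sources hitting many hosts (ICMP) or many ports on one host in `window` s."""
    events = defaultdict(list)          # (src, kind, target) -> [(ts, item)]
    for ts, src, dst, proto, dport in filter(None, map(parse, log_text.splitlines())):
        if proto == "icmp":
            events[(src, "ping_sweep", "*")].append((ts, dst))
        elif proto in ("tcp", "udp") and dport.isdigit():
            events[(src, "port_scan", dst)].append((ts, int(dport)))
    findings = defaultdict(set)
    for (src, kind, _), seen in events.items():
        seen.sort()
        need = min_hosts if kind == "ping_sweep" else min_ports
        start = 0
        for end in range(len(seen)):    # sliding window over time-sorted events
            while seen[end][0] - seen[start][0] > window:
                start += 1
            if len({item for _, item in seen[start:end + 1]}) >= need:
                findings[src].add(kind)
                break
    return {src: sorted(kinds) for src, kinds in findings.items()}

if __name__ == "__main__":
    print(detect_scans(SAMPLE_LOG))
```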

Phase 3: Enumeration

The last phase before you attempt to gain access to a system is the enumeration phase. Enumeration is
the systematic probing of a target with the goal of obtaining user lists, routing tables, and protocols
from the system. This phase represents a significant shift in your process; it is the initial transition from
being on the outside looking in to moving to the inside of the system to gather data. Information such as
shares, users, groups, applications, protocols, and banners all prove useful in getting to know your
target, and this information is carried forward into the attack phase. The information gathered during
phase 3 typically includes, but is not limited to, the following:

Usernames

Group information

Passwords

Hidden shares

Device information

Network layout

Protocol information

Server data

Service information

Phase 4: System Hacking

Once you have completed the first three phases, you can move into the system hacking phase. You will
recognize that things are getting much more complex and that the system hacking phase cannot be
completed in a single pass. It involves a methodical approach that includes cracking passwords,
escalating privileges, executing applications, hiding files, covering tracks, concealing evidence, and then
pushing into a complex attack.
