ETHICAL HACKING (PART-3)
Scanning and Enumeration :
After you have explored the network and identified the live systems on it, you can move on to scanning and enumeration. This is critical for exploitation or gaining access. Enumeration is also considered part of active reconnaissance. Using enumeration, you can find a lot of details about a device, server, or service.
Enumeration can be used to find information, such as:
- Operating system information, such as the version
- DNS information
- SNMP information
- Users and groups
- Password hashes and passwords
- Hostnames
- Domain information
- Running services and processes
Gaining Access (Exploitation) :
When choosing an attack to use to gain access to the system, the environment and
situation have to be considered. Some common attack techniques used in penetration
testing are:
- Social engineering - This attack sets the base for all other attacks. An attacker can use different methods, such as phishing, to trigger the attack.
- Web application attacks - These can include attacks such as SQL injection, XSS, and XSRF. These are applicable if you are performing a penetration test on a Web application.
- Session hijacking - This is useful when you have unencrypted sessions. An attacker can perform session hijacking or a man-in-the-middle attack.
- Password cracking - This involves some level of access to the server or system, then using various tools to crack the passwords.
Let’s assume that you have exploited a vulnerability in the Windows operating system
and gained access to the system. There is no guarantee that you will be able to maintain
access. In such situations, you need to do something that allows you to maintain access if
the vulnerability is patched.
For example, you can create a new user account with administrative access. This will
allow you to connect with the exploited system remotely. Alternatively, you can install a
backdoor or rootkit.
Covering Tracks :
In any form of hacking, you are likely to leave traces in the system, possibly resulting in
getting stopped or caught. For example, if you create a user account, it will get captured
in the log files. One of the key methods used in covering tracks is to clear the log files.
However, when logs are cleared, a new entry in the log files is created, mentioning that
logs have been deleted.
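From the defender's side, both traces named above (the new user account and the entry written when logs are cleared) can be matched in exported Windows events. The following is an added example, not part of the original post; it assumes events exported as JSON lines with the hypothetical fields time, host, id and target, and runs on constructed sample data.

```python
import json
from datetime import datetime, timedelta

# Windows event IDs for the two traces described above.
ACCOUNT_CREATED = 4720     # Security log: a user account was created
GROUP_MEMBER_ADDED = 4732  # Security log: member added to a security-enabled local group
LOG_CLEARED = {1102, 104}  # 1102: Security audit log cleared; 104: System log entry for a cleared event log

# Constructed sample export (one JSON object per line); the field names are assumptions.
SAMPLE_EVENTS = """
{"time": "2024-05-01T10:02:11", "host": "WS01", "id": 4624, "target": "alice"}
{"time": "2024-05-01T10:05:40", "host": "WS01", "id": 4720, "target": "svc_backup"}
{"time": "2024-05-01T10:06:02", "host": "WS01", "id": 4732, "target": "svc_backup"}
this line is malformed and must be skipped
{"time": "2024-05-01T10:20:15", "host": "WS01", "id": 1102, "target": ""}
{"time": "2024-05-01T11:00:00", "host": "WS02", "id": 104, "target": ""}
"""

def parse_events(text):
    """Parse JSON lines into time-ordered event dicts, skipping malformed records."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        try:
            ev = json.loads(line)
            ev["time"] = datetime.fromisoformat(ev["time"])
            ev["id"] = int(ev["id"])
        except (ValueError, KeyError, TypeError):
            continue
        events.append(ev)
    return sorted(events, key=lambda e: e["time"])

def find_alerts(events, window=timedelta(hours=1)):
    """Return (kind, host, account) alerts; a log clear soon after account creation is escalated."""
    alerts, created = [], {}  # created: host -> [(time, account)]
    for ev in events:
        host, target = ev.get("host", "?"), ev.get("target", "")
        if ev["id"] == ACCOUNT_CREATED:
            created.setdefault(host, []).append((ev["time"], target))
            alerts.append(("account_created", host, target))
        elif ev["id"] == GROUP_MEMBER_ADDED:
            alerts.append(("group_member_added", host, target))
        elif ev["id"] in LOG_CLEARED:
            prior = [a for t, a in created.get(host, []) if ev["time"] - t <= window]
            kind = "log_cleared_after_account_creation" if prior else "log_cleared"
            alerts.append((kind, host, ",".join(prior)))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(parse_events(SAMPLE_EVENTS)):
        print(alert)
```

Forwarding events to a separate collector keeps the 4720 and 1102 records available even after the local log on the host has been cleared.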