There are five phases of hacking:
1. Reconnaissance
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Clearing Tracks
Reconnaissance
Reconnaissance refers to the preparatory phase of hacking. In this phase the attacker gathers as much information as possible about the target prior to launching the attack. The challenge for the attacker is to use competitive intelligence to learn more about the target. It involves network scanning, either external or internal, without authorization.
How do they do it? They do it through social engineering. A social engineer is a person who convinces people to reveal information such as unlisted phone numbers, passwords, and other sensitive information.
Another reconnaissance technique is dumpster diving, in which the hacker goes through the target organization's trash to get sensitive information. The hacker can also use the internet to verify employees' contact details and easily do reconnaissance.
Reconnaissance Types
1. Active (Direct Interaction)
2. Passive (Indirect Interaction)
Scanning
In the scanning phase, the attacker uses the details gathered during reconnaissance to identify specific vulnerabilities. Sometimes hackers don't treat scanning as a separate phase; however, scanning involves more in-depth probing.
How do they do it?
Attackers can gather critical network information using the Windows trace route utility. Additionally, they use Cheops to gather further information.
Gaining Access
In this phase the real hacking occurs. Attackers use the vulnerabilities identified during the reconnaissance and scanning phases to gain access to the target system and network.
Gaining Access:
1. OS Level
2. Application Level
3. Network Level
(Gaining Access and its tools will be discussed further in later blogs.)
Maintaining Access
1. Maintaining access refers to the phase when the attacker tries to retain his/her ownership of the system.
2. Attackers may prevent the system from being owned by other attackers by securing their exclusive access with backdoors, rootkits, or Trojans.
3. Attackers can upload, download, or manipulate data, applications, and configurations on the owned system.
4. Attackers use the compromised system to launch further attacks.
Clearing Tracks
1. Covering tracks refers to the activities carried out by an attacker to hide malicious acts.
2. The attacker's intentions include: continuing access to the victim's system, remaining unnoticed and uncaught, and deleting evidence that might lead to his prosecution.
3. The attacker overwrites the server, system and application logs to avoid suspicion.
All of the above is strictly restricted by cyber law. CEH (Red Teams do this to find vulnerabilities in an organization, in order to maintain security).
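From the defender's side, the log overwriting described under Clearing Tracks tends to leave gaps that can be checked for. The following is an added example, not part of the original post: it scans a log for missing record numbers, timestamps that run backwards, and long silences. The log format, the sample lines and the one-hour threshold are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample log: "<record-id> <ISO timestamp> <message>".
# The format and every line below are invented for this example.
SAMPLE_LOG = """\
1001 2024-03-01T10:00:00 sshd: session opened for user alice
1002 2024-03-01T10:00:40 sudo: alice : COMMAND=/usr/bin/apt update
1003 2024-03-01T10:01:10 sshd: session closed for user alice
1007 2024-03-01T10:01:30 cron: job backup started
1008 2024-03-01T13:45:00 cron: job backup finished
1009 2024-03-01T13:44:10 sshd: session opened for user bob
"""

def parse(line):
    """Split one log line into (record id, timestamp); raises ValueError if malformed."""
    rec_id, ts, _msg = line.split(" ", 2)
    return int(rec_id), datetime.fromisoformat(ts)

def find_tampering(text, max_silence=timedelta(hours=1)):
    """Return (finding, previous record id, current record id) tuples for suspicious gaps."""
    findings, prev = [], None
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            rec_id, ts = parse(line)
        except ValueError:
            # A line that no longer parses may itself be a sign of overwriting.
            findings.append(("unparseable_line", lineno, None))
            continue
        if prev is not None:
            prev_id, prev_ts = prev
            if rec_id != prev_id + 1:
                findings.append(("missing_records", prev_id, rec_id))   # deleted entries
            if ts < prev_ts:
                findings.append(("time_regression", prev_id, rec_id))  # clock or log edited
            elif ts - prev_ts > max_silence:
                findings.append(("long_silence", prev_id, rec_id))     # logging stopped
        prev = (rec_id, ts)
    return findings

if __name__ == "__main__":
    for finding in find_tampering(SAMPLE_LOG):
        print(finding)
```

Such checks work best when logs are also forwarded to a separate system the compromised host cannot rewrite, so the local copy can be compared against it.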