Black HatSecurity+

Understanding the Steps of Ethical Hacking

Understanding the Steps of Ethical Hacking: For an overview of the process, let’s look at the steps of ethical hacking to see where Footprinting fits in as well as what future phases hold.

Phase 1: Footprinting

Footprinting is the first phase of the ethical hacking process and is the subject of this article. This phase consists of passively and actively gaining information about a target.

The goal is to gather as much information as is reasonable and useful about a potential target with the objective of getting enough information to make later attacks more accurate.

The end result should be a profile of the target that is rough picture but one that gives enough data to plan the next phase of scanning.

Information that can be gathered during this phase includes the following:

  • IP address ranges
  • Namespaces
  • Employee information
  • Phone numbers
  • Facility information
  • Job information

Phase 2: Scanning

Scanning which focuses on an active engagement of the target with the intention of obtaining more information.

Scanning the target network will ultimately locate active hosts that can then be targeted in a later phase.

Footprinting helps identify potential targets, but not all may be viable or active hosts. Once scanning determines which hosts are active and what the network looks like, a more refined process can take place.

During this phase tools such as these are used:

  • Pings
  • Ping sweeps
  • Port scans
  • Tracert

Phase 3: Enumeration

The last phase before you attempt to gain access to a system in the enumeration phase.

Enumeration is the systematic probing of a target with the goal of obtaining user lists, routing tables, and protocols from the system.

This phase represents a significant shift in your process; it is in the initial transition from being on the outside looking in to moving to the inside of the system to gather data.

Information such as shares, users, groups, application, protocols, and banners all proved useful in getting to know your target, and this information is carried forward into the attack phase.

The information gathered during phase 3 typically includes, but is not limited to, the following:

  • Usernames
  • Group information
  • Passwords
  • Hidden Shares
  • Device information
  • Network layout
  • Protocol information
  • Server data
  • Service information

Phase 4: System Hacking

Once you have completed the first three phases, you can move into the system hacking phase.

You will recognize that things are getting much more complex and that the system hacking phase cannot be completed in a single pass.

It involves a methodical approach that includes cracking passwords, escalating privileges, executing applications, hiding files, covering tracks, concealing evidence, and then pushing into a complex attack.

Related Articles

Leave a Reply

Back to top button