Hacking Fundamentals

There are 6 basic steps in hacking process. A young Enthusiast has to understand that hacking follows a very strategic process and when broken down can give your tasks and agenda clarity. 

First Step: Reconnaissance

Recon is the most important step of all the processes and it is broken down into two sub- task : Active and Passive. During this phase your primary goal is obtaining as much information about your target as possible.

Sub-Task 1: Passive Recon

The Passive approach to Recon is when you ignore the target but observe the elements associated to the target. (i.e. Google, social media searches on people connected to target).

Sub-Task 2: Active Recon

The Active Recon is when you are interacting with your target trying to expose the open ports and application. Using software like nmap or zenmap etc.

Second Step: Exploitation

After you have performed your recon and found a vulnerability now your ready to exploit that vulnerability and take control of your target. Using pre-written exploit found in Metasploit for example would aid in this.

Third Step: Privilege User Access

Now that we are inside, its time to gain Admin or Super User access. You want to be able to have free roam in the environment.

Fourth Step: Staying Power

Now you want to be able to get in and out as much as you like. in the event we get disconnected from your target. Also you should be able to tunnel net work traffic through the machine at your leisure. A commonly used utility is netcat. It is used for reading from and writing to network connections using TCP or UDP.

Fifth Step: Dead Drop

Moving data to a intermediary server is ready to be done. Data extraction is the act or process of retrieving data out of data sources for further data processing or data storage. So having a place to store gathered data is vital.

Sixth: No Digital Foot Print

OK now its time to ghost out! not leave a trace of ever been in the environment. But it is important to note that upon exiting, missing logs is just as questionable as noticing weird things in them. The key is to modify the logs so that normal activity is seen and your presence is not.

The Take Away

Its important to understand that this just a highlight version of the process. Each step is much more in depth than described. Depending on your abilities The recon phase could take weeks or months. Exploitation could require custom tools to be developed. Dead drop portion could take days to get out the data you have obtained. So be prepared to do your do diligence.

Happy Hacking!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s