Fundamentals of Hacking

Hi! Welcome to https://usociety4.blogspot.com/ . The purpose of this blog is to elevate individuals who don’t know the phases of hacking and their importance in hacking domain. Understanding the fundamentals are very important to become a professional hacker.

Introduction

A hacker is someone who totally focuses on the security mechanisms of computer and network systems. There are just like a communities and shared cultures of networking wizards and expert programmers that trace its history back through decades to the first time-sharing minicomputers. This culture is much more complicated and moralistic than most people know in the society because breaking into computers and phone systems have come to symbolize hacking in popular culture. To become an ethical hacker, learn basics of hacking techniques, how to think like a hacker and all that stuff are very important aspects for beginners. Many of my friends ask me a question that How to start Ethical hacking? What are the basics of hacking which we should learn before getting start Ethical Hacking. So, this blog is especially for my friends and also for those who wanna start learning an Ethics about Hacking.
 

Fundamentals of Hacking

Reconnaissance 

Reconnaissance is the process of gathering informative data about a particular target of a malicious hack by exploring the targeted system. Basically two types of Reconnaissance exist i.e. Active and Passive. Active reconnaissance typically related to port scanning and observing the vulnerabilities about the targeted system (i.e., which ports are left vulnerable and/or if there are ways around the firewall and routers). Passive reconnaissance typically you will not be directly connected to a computer system. This process is used to gather essential information without ever interacting with the target systems.

Footprinting (E.H)

Footprinting is an important part of reconnaissance process which is typically used for collecting possible information about a targeted computer system or network. Active and Passive both could be Footprinting. The example of passive footprinting is assessment of a company’s website, whereas attempting to gain access to sensitive information through social engineering is an example of active information gathering. Basically footprinting is the beginning step of hacker to get hacked someone because having information about targeted computer system is the main aspect of hacking. If you have an information about individual you wanna hack so you can easily hacked that individual. The basic purpose of information gathering is at least decide what type of attacks will be more suitable for the target.In footprinting process the hacker get information about Domain name, internet Protocol Address (IP), Namespaces, Employee private and public information, Job information, E-mails and Phone numbers.

Scanning 

The second phase of information gathering after footprinting and reconnaissance is Scanning that hackers use to size up a network. Scanning is where they plunge deeper into the system to look for important data and services in a specific IP address range. Scanning is a set mechanisms used for identifying live hosts, ports, and services, discovering Operating system and architecture of target system, Identifying vulnerabilities and threats in the network. Network scanning is used to create a profile of the target organization.
Scanning refers to collecting more information using complex and aggressive reconnaissance techniques. Network scans are also a key tool in the arsenal of ethical hackers, who work to prevent attacks on an organization's infrastructure and data.

Gaining Access

The most important phase of an attack in terms of possible damage is Gaining access, although hackers don't always got success to gain access to the system to cause damage. For instance, denial-of-service attacks can either exhaust resources or stop services from running on the target system. Stopping a service can be carried out by killing processes, using a logic/time bomb, or even re-configuring and crashing the system. Resources can be exhausted locally by filling up outgoing communication links. The exploit can occur locally, offline, or over a LAN or the Internet as a deception or theft. Examples include:

• Stack-based buffer overflows
• Denial-of-service and distributed denial-of-service
• Session hijacking

The  technique used by attackers to exploit the particular system called spoofing. They can use this technique to send a malicious packet containing a bug to the target system in order to exploit weakness in the system. Packet immerse may be used to remotely stop availability of the essential services. Smurf attacks try to elicit a response from the available users on a network and then use their authorized address to immerse the victim.

Maintaining Access

Once a hacker has gained access to the system and able to upload, alter and download data without any interruption at that time. But the main purpose is to keep that access for future exploitation and attacks whenever they want. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.

Backdoors: 

A backdoor, bypasses security mechanisms and provides a hacker remote access to a system, allowing the hacker to do whatever they please whenever they please. Backdoors can be very difficult to detect as they are most apparent when the hacker is using them. Even then they might tunnel the communication through another protocol such as DNS or ICMP, to make their comminication even more stealthy. Backdoors can exist in many ways. Some maybe be hard-coded into the software by the developer, network or systems administrators may include them for troubleshooting and recovery, and the hacker may install applications themselves which provide a backdoor.

Keyloggers: 

Keyloggers are technologies that log keystrokes on a system. They can be used to ex-filtrate many types of data, such as login credentials, bank account/credit card details, and other forms of sensitive data. They can come in either hardware or software forms. They can be programmed to collect and save the logged keystrokes in a file that can be sent to the attacker after office hours, or sent through the internet to the hackers devices as the keys are typed. Keylogging activity can be hard to detect, and as with backdoors, traffic can be tunneled through other protocols to avoid raising suspicions.

Clearing tracks

An attacker needs to destroy evidence of his presence and activities for several reasons like when hackers has been able to gain access and maintain access then they try to clear their tracks to avoid detection by security and erasing evidence of a compromise is a requirement for any attacker who wants to remain indeterminate and elude trace back. To continue to use the targeted system, its really important to clear their tracks. Hackers always try to erase all the tracks by which they'll be tracked such as log files or intrusion detection system (IDS) alarms and can also be done by clearing logs, disable auditing, modifying logs/registry files, removing all files/folders created. It is essential for attackers to make the system look like it did before they gained access and formed backdoors for their use. Any files that were modified need to be changed back to their original attributes.