1.3 Hacking Concepts, Types, and Phases

What is Hacking?

  • Hacking refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to the system resources.
  • It involves modifying system or application features to achieve a goal outside of the creator's original purpose.
  • Hacking can be used to steal, pilfer, and redistribute intellectual property leading to business loss.

Who is a Hacker?

  • Intelligent individuals with excellent computer skills, with the ability to create and explore computer software and hardware.
  • For some hackers, hacking is a hobby to see how many computers or networks they can compromise.
  • Their intention can either be to gain knowledge or to poke around to do illegal things.
  • Some do hacking with malicious intent behind their escapades, like stealing business data, credit card information, social security numbers, email passwords, etc.

Hacker Classes

  • Black Hats: Individuals with extraordinary computing skills who resort to malicious or destructive activities; also known as crackers.
  • White Hats: Individuals professing hacker skills and using them for defensive purposes; also known as security analysts.
  • Gray Hats: Individuals who work both offensively and defensively at various times.
  • Suicide Hackers: Individuals who aim to bring down critical infrastructure for a "cause" and are not worried about facing jail terms or any other kind of punishment.
  • Script Kiddies: Unskilled hackers who compromise systems by running scripts, tools, and software developed by real hackers.
  • Cyber Terrorists: Individuals with a wide range of skills, motivated by religious or political beliefs to create fear by large-scale disruption of computer networks.
  • State Sponsored Hackers: Individuals employed by the government to penetrate and gain top-secret information and to damage information systems of other governments.
  • Hacktivist: Individuals who promote a political agenda by hacking, especially by defacing or disabling websites.

Hacking Phases: Reconnaissance

  • Reconnaissance refers to the preparatory phase where an attacker seeks to gather information about a target prior to launching an attack.
  • It can also serve as a future point of return, noted for ease of entry for an attack once more is known about the target on a broad scale.
  • Reconnaissance target range may include the target organization's clients, employees, operations, network, and systems.
  • Reconnaissance Types:
    • Passive Reconnaissance:
      • Passive Reconnaissance involves acquiring information without directly interacting with the target.
      • For example, searching public records or news releases.
    • Active Reconnaissance:
      • Active Reconnaissance involves interacting with the target directly by any means.
      • For example, telephone calls to the help desk or technical department.

Hacking Phases: Scanning

  • Pre-Attack Phase: Scanning refers to the pre-attack phase when the attacker scans the network for specific information on the basis of information gathered during reconnaissance.
  • Port Scanner: Scanning can include use of dialers, port scanners, network mappers, ping tools, vulnerability scanners, etc.
  • Extract Information: Attackers extract information such as live machines, ports, port status, OS details, device type, system uptime, etc. to launch an attack.
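Seen from the defender's side, the scanning phase leaves a recognizable pattern in firewall logs: one source touching many ports on a host, or one port across many hosts, in a short time. The following detector is an added example, not part of the original notes; the log format, addresses, and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def _line(sec, src, dst, dport):
    """Build one constructed firewall log line (the format is an assumption)."""
    return f"2024-05-01T10:{sec // 60:02d}:{sec % 60:02d} src={src} dst={dst} dport={dport} action=DENY"

# Constructed sample: a port scan of one host, a sweep of one port, and normal repeat traffic.
SAMPLE_LOG = "\n".join(
    [_line(i, "203.0.113.7", "10.0.0.5", p) for i, p in enumerate([21, 22, 23, 25, 80, 443])]
    + [_line(10 + i, "198.51.100.9", f"10.0.0.{i + 1}", 445) for i in range(6)]
    + [_line(30 * i, "192.0.2.10", "10.0.0.5", 443) for i in range(4)]
)

def parse(line):
    """Split 'timestamp key=value ...' into (datetime, src, dst, dport)."""
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), kv["src"], kv["dst"], int(kv["dport"])

def find_scanners(log_text, port_threshold=5, host_threshold=5,
                  window=timedelta(seconds=60)):
    """Return {src: kind} for sources that, within `window`, hit many distinct
    ports on one host ("vertical") or one port on many hosts ("horizontal")."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, src, dst, dport = parse(line)
            events[src].append((ts, dst, dport))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1                      # slide the window forward
            ports_per_host, hosts_per_port = defaultdict(set), defaultdict(set)
            for _, dst, dport in evs[start:end + 1]:
                ports_per_host[dst].add(dport)
                hosts_per_port[dport].add(dst)
            if max(len(p) for p in ports_per_host.values()) >= port_threshold:
                flagged[src] = "vertical"
                break
            if max(len(h) for h in hosts_per_port.values()) >= host_threshold:
                flagged[src] = "horizontal"
                break
    return flagged
```
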

Hacking Phases: Gaining Access

  • Gaining access refers to the point where the attacker obtains access to the operating system or applications on the computer or network.
  • The attacker can gain access at operating system level, application level, or network level.
  • The attacker can escalate privileges to obtain complete control of the system. In the process, intermediate systems that are connected to it are also compromised.
  • Examples include password cracking, buffer overflows, denial of service, session hijacking, etc.

Hacking Phases: Maintaining Access

  • Maintaining access refers to the phase when the attacker tries to retain his or her ownership of the system.
  • Attackers may prevent the system from being owned by other attackers by securing their exclusive access with Backdoors, RootKits, or Trojans.
  • Attackers can upload, download, or manipulate data, applications, and configurations on the owned system.
  • Attackers use the compromised system to launch further attacks.

Hacking Phases: Clearing Tracks

  • Covering tracks refers to the activities carried out by an attacker to hide malicious acts.
  • The attacker's intentions include continuing access to the victim's system, remaining unnoticed and uncaught, and deleting evidence that might lead to prosecution.
  • The attacker overwrites the server, system, and application logs to avoid suspicion.
  • Attackers always cover tracks to hide their identity.

Attackers typically use PsTools, netcat, or Trojans to delete logs.

Or they use Trojans, rootkits, steganography, or tunneling to hide.
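Because this phase targets the logs themselves, defenders make logs tamper-evident so that overwritten or deleted entries can be detected afterwards. The sketch below is an added example, not part of the original notes: it chains each record to the previous one with an HMAC. It assumes the key and the record count are held on a separate collector, and the sample messages are constructed.

```python
import hashlib
import hmac

# Constructed sample records; the key is assumed to live on a separate log collector.
SAMPLE_MESSAGES = [
    "10:00:01 login user=alice src=10.0.0.8",
    "10:00:09 privilege change user=alice role=admin",
    "10:00:15 account created user=svc_backup",
    "10:00:42 logout user=alice",
]
KEY = b"constructed-demo-key"
GENESIS = b"\x00" * 32

def seal(messages, key):
    """Return [(message, tag_hex)] where tag = HMAC(key, previous_tag || message)."""
    prev, sealed = GENESIS, []
    for msg in messages:
        prev = hmac.new(key, prev + msg.encode(), hashlib.sha256).digest()
        sealed.append((msg, prev.hex()))
    return sealed

def verify(records, key, expected_count=None):
    """Return a list of findings; an empty list means the chain is intact."""
    findings, prev = [], GENESIS
    for i, (msg, tag) in enumerate(records):
        want = hmac.new(key, prev + msg.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(want, tag):
            findings.append(f"record {i}: chain broken (edited, or an earlier record removed)")
        # Continue from the stored tag so only the break point is reported.
        prev = bytes.fromhex(tag)
    if expected_count is not None and len(records) < expected_count:
        findings.append(f"truncated: {len(records)} of {expected_count} records present")
    return findings
```
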
