1. What is Hacking?
Introduction to Hacking is the must-read article going forward in this Hacking series.
“Hacking is exploiting security controls either in a technical, physical, or a human-based element.” -Kevin Mitnick
- Gaining unauthorized access to data in a system or computer is hacking. However, the word hacking has two definitions.
- The first definition refers to the hobby/profession of working with computers.
- The second definition refers to modifying computer hardware or software in a way that changes the creator’s original intent.
- It is also defined as the art of exploiting computers to get access to otherwise unauthorized information.
- Now that the world is using IT systems to gather, store, and manipulate important information, there is also a need to make sure that data is secure.
- However, no system is without its problems.
- Holes are often present within security systems, which, if exploited, allow hackers to gain access to this otherwise restricted information.
- NOTE: A hacker is a person who finds and exploits faults in computer systems and networks to gain access.
- They are usually experts in computer programming and computer security.
2. What is Ethical Hacking?
- It refers to the act of locating the weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious hackers.
- It is also known as penetration testing, intrusion testing, or red teaming.
- An ethical hacker is a security professional who applies their hacking skills for defensive purposes on behalf of the owners of information systems.
- Ethical hackers are also known as white hat hackers.
3. Importance of ethical hacking
- In today’s digital era, the biggest threats to any business organization and government organization come from cybercriminals.
- Nowadays, as more and more companies enter the e-commerce ecosystem and adopt new technologies, like cloud computing, the threat of imminent security breaches clearly demands efficient information security.
- Hacking can lead to loss of business for organizations that deal with finance. Ethical hacking puts them a step ahead of the cybercriminals who would otherwise cause that loss of business.
- NOTE: Ethical hacking includes services like application testing, remote or war dialing, local network testing, wireless security, system hardening, social engineering, etc.
4. Who is a Hacker?
- Hackers have been around for many years. Since the computer and the Internet became widely used in the world, we have started to hear more and more about hacking.
- Just as the term hacking has two meanings, so does the term hacker:
- Traditionally, a hacker is someone who likes to play with software or electronic systems.
- They enjoy exploring and learning how computer systems operate.
- Recently, the term hacker has taken on a new meaning: someone who finds weaknesses in a computer or computer network, though the term can also refer to someone with an advanced understanding of computers and computer networks.
Normally, hackers are people who try to gain unauthorized access to your computer.
5. Hacker classification
Hackers are classified according to their motives and type of work.
The following list helps you to better understand the types of hackers.
White hat hacker
- A white hat hacker is a computer security expert who specializes in penetration testing and other testing methodologies to ensure the security of an organization’s information systems.
- They are also known as ethical hackers.
- Generally, white hat hackers are the good guys in the world of hackers.
- Ethical hacking is a term coined by IBM meant to imply a broader category than just penetration testing.
Black hat hacker
- A black hat hacker is an individual with extensive computer knowledge whose purpose is to breach or bypass internet security.
- They are also known as crackers or dark-side hackers.
- They are computer security hackers who break into computers and networks or create computer viruses.
- Generally, ethical hackers build things and crackers break things.
Gray hat hacker
- A gray hat hacker is a combination of a black hat and a white hat hacker.
- The term may relate to whether they sometimes arguably act illegally, though in good will, or to how they disclose vulnerabilities.
- They usually do not hack for personal gain or have malicious intentions, but may be prepared to technically commit crimes during the course of their technological exploits in order to achieve better security.
6. Script kiddie
- A script kiddie (or skiddie) is a non-expert who uses existing scripts, code, or other tools illegally to gain entry to a computer system or network, without understanding the way the tools function or the way the system or network is designed.
- Although they may have some programming skills, script kiddies do not have the experience to write their own programs that exploit vulnerabilities.
7. Hacktivist
- A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message.
- Most hacktivism involves website defacement or denial-of-service attacks.
8. 5 Phases of hacking
The process of hacking can be broken down into five distinct phases, which are described as follows:
- Phase 1-Reconnaissance
- Phase 2-Scanning
- Phase 3-Gaining access
- Phase 4-Maintaining access
- Phase 5-Covering tracks
Reconnaissance
- Reconnaissance is the primary phase where the hacker gathers information about a target using active or passive means.
- Passive reconnaissance involves gathering information regarding a potential target without the target’s knowledge.
- It is usually done by using Internet searches of an individual or company to gain information.
- This process is generally called information gathering.
- Sniffing the network is a type of passive reconnaissance and can produce useful information, such as IP address ranges, naming conventions, hidden servers or networks, and other available services on the system or network.
- Sniffing network traffic is similar to building monitoring: a hacker watches the flow of data to see what time certain transactions take place and where the traffic is going.
- Active reconnaissance involves penetrating the network to discover individual hosts, IP addresses, and services on the network.
- It generally involves more risk of detection than passive reconnaissance.
- It is also called rattling the doorknobs.
NOTE: Some widely used reconnaissance tools are NMAP, Hping, Maltego, and Google Dorks.
Scanning
- In scanning, the information gathered during the reconnaissance phase is used to scan the perimeter and internal network devices looking for weaknesses.
- It includes scanning the target for services running, open ports, firewall detection, finding vulnerabilities, OS detection, etc.
- Tools that a hacker may use during the scanning phase include dialers, port scanners, network mappers, vulnerability scanners, Internet Control Message Protocol (ICMP) scanners, ping sweeps, and Simple Network Management Protocol (SNMP) sweepers.
- Hackers are looking for any information that can help them perpetrate an attack on a target, such as computer names, operating system (OS), user accounts, IP addresses, and installed software.
- NOTE: Some widely used scanning tools are Nessus, Nexpose, and NMAP.
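From the defender's side, the port scanning described above shows up in connection logs as one source touching many distinct ports on a host within a short time. The following is an added example, not part of the original article, that flags such sources; the log format, addresses, window and threshold are all assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

TARGET = "192.0.2.10"  # documentation-range address, constructed

def build_sample():
    """Constructed firewall log lines: 'ISO-time src dst dport action' (assumed format)."""
    base = datetime(2024, 5, 1, 10, 0, 0)
    lines = []
    # Source A: sweeps 12 different ports, one per second (scan-like).
    for i, port in enumerate([21, 22, 23, 25, 53, 80, 110, 139, 143, 443, 445, 3389]):
        ts = (base + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 203.0.113.7 {TARGET} {port} DENY")
    # Source B: ordinary client, many connections but always to port 443.
    for i in range(20):
        ts = (base + timedelta(seconds=3 * i)).isoformat()
        lines.append(f"{ts} 198.51.100.4 {TARGET} 443 ALLOW")
    # Source C: touches 12 ports too, but ten minutes apart (outside the window).
    for i, port in enumerate(range(8000, 8012)):
        ts = (base + timedelta(minutes=10 * i)).isoformat()
        lines.append(f"{ts} 198.51.100.9 {TARGET} {port} DENY")
    return lines

def detect_scanners(lines, window=timedelta(seconds=60), min_ports=10):
    """Return {source: max distinct ports seen against one host within `window`}."""
    recent = defaultdict(deque)  # (src, dst) -> events still inside the window
    flagged = {}
    for line in sorted(lines):  # same-format ISO timestamps sort chronologically
        ts_text, src, dst, port, _action = line.split()
        ts = datetime.fromisoformat(ts_text)
        events = recent[(src, dst)]
        events.append((ts, int(port)))
        while ts - events[0][0] > window:  # expire events older than the window
            events.popleft()
        distinct = len({p for _, p in events})
        if distinct >= min_ports:
            flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

if __name__ == "__main__":
    for src, ports in detect_scanners(build_sample()).items():
        print(f"possible port scan from {src}: {ports} distinct ports within 60 s")
```

The window and the port threshold are tuning knobs: a longer window catches slower sweeps at the cost of more false positives from busy legitimate clients.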
Gaining access
After scanning, the hacker maps out a blueprint of the target’s network with the help of data collected during Phase 1 (Reconnaissance) and Phase 2 (Scanning).
In this phase, the hacker would exploit a vulnerability to gain access to the target.
- It generally involves taking control of one or more network devices to extract data from the target or use that device to perform attacks on other targets.
- Hackers perform certain types of hacking attacks, such as stack-based buffer overflows, denial-of-service (DoS), and session hijacking.
- These attacks can be delivered to the target system via a local area network (LAN), either wired or wireless; local access to a PC; the Internet (online); or offline.
- Gaining access is known in the hacker world as owning the system.
- This is because, once a system has been hacked, the hacker has full control of the system and can run it as they wish.
NOTE: The primary tool that is used in this process is Metasploit.
Maintaining access
- After gaining access, the hacker wants to keep that access for future exploitation and attacks to collect more data.
- Sometimes hackers harden the system against other hackers or security personnel, securing their exclusive access with backdoors, rootkits, and Trojans.
- A Zombie system is a computer connected to the Internet that has been compromised by a hacker, computer virus, or Trojan horse program and can be used to perform malicious tasks of one sort or another under remote direction.
Covering tracks
- In the final phase, hackers cover their tracks to avoid detection by security personnel.
- To avoid legal action, hackers remove evidence of the intrusion. Activities in this phase include deletion or alteration of log files, exfiltration of data via DNS tunneling or steganography, clearing out sent e-mails, and clearing temp files.
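Deletion or alteration of log files, as described above, becomes detectable when each log record is chained to the previous one by a hash and the latest hash is kept off the host. The following is an added example, not part of the original article; the record layout, function names and log messages are assumptions constructed for illustration.

```python
import hashlib
import hmac

GENESIS = "0" * 64  # placeholder "previous hash" for the first record

def _digest(prev_hash, message):
    return hashlib.sha256(f"{prev_hash}|{message}".encode()).hexdigest()

def build_chain(messages):
    """Link each log message to the hash of the record before it."""
    chain, prev = [], GENESIS
    for msg in messages:
        record = {"msg": msg, "prev": prev, "hash": _digest(prev, msg)}
        chain.append(record)
        prev = record["hash"]
    return chain

def verify(chain, trusted_head=None):
    """Return None if intact, else the index where verification first fails.

    trusted_head is the last record's hash as stored off-host; a mismatch is
    reported as len(chain) (tail truncated, or whole file re-hashed).
    """
    prev = GENESIS
    for i, rec in enumerate(chain):
        if rec["prev"] != prev or rec["hash"] != _digest(prev, rec["msg"]):
            return i
        prev = rec["hash"]
    if trusted_head is not None and not hmac.compare_digest(prev, trusted_head):
        return len(chain)
    return None

# Constructed sample log messages (not from the article).
SAMPLE = [
    "10:00:01 sshd: accepted login for alice from 198.51.100.4",
    "10:02:17 sudo: alice ran /usr/bin/systemctl restart nginx",
    "10:05:42 sshd: accepted login for svc-backup from 203.0.113.7",
    "10:06:03 useradd: new account 'support2' created",
    "10:09:30 sshd: session closed for svc-backup",
]

if __name__ == "__main__":
    chain = build_chain(SAMPLE)
    head = chain[-1]["hash"]
    print("intact:", verify(chain, head))
    print("record 2 removed:", verify(chain[:2] + chain[3:], head))
```

The chain alone only catches edits that leave later records untouched; it is the copy of the head hash held on a separate system that exposes a log file rewritten and re-hashed from scratch.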
9. Types of hacking attacks
There are several ways in which hackers can target and attack devices and networks. Some of the most common hacking techniques are listed as follows:
This is a technique used by cybercriminals to trick ordinary users into sending their confidential data, infecting their computers with malware, or opening links to infected sites.
Malware attack
This attack is specifically designed by cybercriminals to gain access to or damage a computer without the knowledge of the owner by injecting malicious software through the Internet or via storage devices.
This is meant to gain unauthorized access to a computer without the computer owner’s awareness by decoding the password.
Phishing
This involves one program, system, or website successfully masquerading as another, thereby being treated as a trusted system by a user or another program and gaining confidential information, such as user IDs, passwords, and bank details.
Session hijacking
This is a method of taking over a Web user session by stealthily obtaining the session ID and masquerading as the authorized user.
It is also known as cookie hijacking.
DoS (denial-of-service) attack
This attack aims to bring the network to its knees by flooding it with useless traffic, such as invalid authentication requests, which eventually brings the whole network down.
Web hacking
This is an attack that attempts to breach a website. SQL injection and cross-site scripting are common types of web hacking.
10. Essential terminologies
A backdoor is a hidden entry to a computing device or software that bypasses security measures, such as logins and password protections.
A bot is a computer that has been compromised by malware and can be controlled remotely by a hacker.
A hacker can then use the bot (also known as a zombie computer) to launch more attacks or to bring it into a collection of controlled computers, known as a botnet.
A bug is a flaw or error in a software program.
Cracking is defined as breaking into a security system, usually for nefarious purposes.
An exploit is a way or process to take advantage of a bug or vulnerability in a computer or application.
A phreak is someone who breaks into the telephone network illegally, to make free calls or to tap phone lines.
A vulnerability is a weakness that allows a hacker to compromise the security of a computer or network system.