Before explaining this, let me explain what hackers really are. Most people think hackers are generally bad and cause harm to others. For instance, some people would even block you on social networks like Facebook if you tell them that you’re a hacker. The reason is simple: they think you are bad and will hack their accounts (no offence, people who don’t have an interest in the subject will think the same).
Some think that hackers have extraordinary minds and skills. Apart from all these myths, a hacker just has to know how a computer works and its blueprints.
Terminology of Ethical Hacking
You might already be familiar with this if you are not new to hacking, but if you are new, it should surely help!
Target of evaluation: As the words themselves describe, it is the target system or network that is subjected to an attack.
Threat: A threat can be defined as a situation or environment posing a possible danger that could allow an attacker to exploit a weakness in the target system and thus gain access to take control of it.
Vulnerability: In simple terms, a vulnerability is a weakness or a security flaw in a system that an attacker could exploit in order to gain access to the target system.
Exploit: In computer security, an exploit can be defined as a piece of software or a script that is designed to take advantage of an existing bug or a vulnerability in the system in order to gain unauthorized access, escalate privileges or carry out a DoS (Denial of Service) attack on a system. Exploits can further be categorized into local exploits and remote exploits, which are defined below.
Remote exploit: This exploits the vulnerability on a remote system over the internet (or a ‘network’) and requires no prior access to the target system.
Local exploit: This exploits the vulnerability off-network or offline and requires access to the target computer system.
Before a system ends up ‘hacked’ or compromised, an attack is carried out against it. An attack can be either active or passive: in active attacks, the attacker can alter the vulnerable system, whereas in passive attacks, the attacker attempts to gather all the collectable details about the system.
Phases of Hacking
The phases of hacking include the steps to gain and maintain access to a system, or simply to hack it.
Phase 1- Reconnaissance: This is the first phase, and it involves gathering information about the target system. It can be categorized into active and passive reconnaissance. Passive reconnaissance means gathering information about the target without the target’s knowledge. It can be as simple as watching a building to identify what time employees enter the building and when they leave. This is why it is also called information gathering. Some examples include Googling an individual or company to gain information, and social engineering.
Active reconnaissance involves discovering hosts, IP addresses, operating systems and services on the network. It can give a hacker lots of information about the target, but this also doubles the risk of being caught.
Phase 2- Scanning: Scanning involves examining the network using the information you gathered during reconnaissance. Some examples are port scanning (to identify open ports), network mappers, vulnerability scanners like Vega, Acunetix etc.
Phase 3- Gaining Access: Gaining access is similar to owning the targeted system, as this phase involves exploiting the vulnerabilities we found during reconnaissance and scanning.
Phase 4- Maintaining access: As the words describe, it involves maintaining your access to the system. For instance, after hacking a system, the hacker may want to harden its security or patch the vulnerability to keep out other hackers or security personnel. The hacked system is sometimes also called a zombie system.
Phase 5- Covering Tracks: This is the last phase of hacking. Once the hacker has been able to hack the system, the hacker may want to clear the last events, log files and intrusion detection system (IDS) alarms so as to reduce the risk of getting caught. Some examples of this phase include altering log files and steganography.
Good, now you are aware of all the phases of hacking! Let’s move ahead.
Who are you?
Hackers are generally white hat, black hat and grey hat. Ethical hackers are generally white hats and grey hats. Ethical hackers are mainly security professionals.
White hats: As you may guess from hearing ‘white’ hats, they are security professionals who use their skills for defensive purposes and to help others. So they’re good people!
Black hats: You know that black is the opposite of white, and the same holds in terms of hacking. Black hat hackers are the bad people or crackers who use their skills to cause harm to others and for illegal and malicious purposes. Some examples include shredding vital data from a system, stealing others’ credit card information etc.
Grey hats: This one might be confusing to you. They can be both white hat and black hat. They can do both bad and defensive work, depending upon what the situation is. Most hackers fall into this class.
There are some self-proclaimed hackers too. They generally want to highlight the bugs or vulnerabilities in the system or educate the system administrator to secure it.
Tiger team: A group of hackers who perform a security scan on a system for hire is called a tiger team. A hacker can hack the system by exploiting some vulnerability and then explain to the system administrator how it was done and how it can be patched; in this case, the hacker is acting as an unpaid tiger team. This can land ethical hackers in serious legal trouble.
Suppose you have told a system administrator about the vulnerabilities in his system; the response may vary. It can be “Thank you, we’ll fix that” or they can even call the police to arrest you! So, always make sure you know the law and legal rules in the country when conducting such activity.
So, that was all for part 1; part 2 will be published in a few days. Stay updated and drop a comment if you need any help 🙂