Infecting a system with malware and using phishing to gain credentials to a system or web application are examples of which phase of the ethical hacking methodology?

Option 1 : Scanning
Option 2 : Gaining access
Option 3 : Maintaining access
Option 4 : Reconnaissance

1. Scanning

The Scanning phase is another essential step. It refers to the set of techniques and procedures used to identify hosts, ports, and various services within a network. Network scanning is one of the components of the intelligence gathering and information retrieval mechanism an attacker uses to create an overview of the target organization (target organization: the group of individuals or organization that falls prey to the hacker). Vulnerability scanning is performed by pen-testers to detect the possibility of network security attacks. This technique lets hackers identify vulnerabilities such as missing patches, unnecessary services, weak authentication, or weak encryption algorithms. So a pen-tester and ethical hacker list all such vulnerabilities found in an organization's network.
1. Hackers and pen-testers check for live systems.
2. Check for open ports (the technique is named Port Scanning, which will be discussed below)
3. Scanning beyond IDS (Intrusion Detection System)
4. Banner Grabbing: the method for obtaining information about the targeted system on a network and the services running on its open ports. Telnet and ID Serve are the tools mainly used to perform a banner-grabbing attack. This information may be used by intruders/hackers to draw up lists of applicable exploits.
5. Scan for vulnerability
6. Prepare Proxies

2. Gaining access

In this phase, the hacker uses different techniques and tools to gain maximum data from the system. They are:
• Password cracking – Methods like brute force, dictionary attack, rule-based attack, and rainbow table are used. Brute force is trying all combinations of the password. A dictionary attack is trying a list of meaningful words until the password matches. A rainbow table attack takes the hash value of the password and compares it with pre-computed hash values until a match is discovered.
• Password attacks – Passive attacks like wire sniffing and replay attacks. Active online attacks like Trojans, keyloggers, hash injection, and phishing. Offline attacks like pre-computed hash, distributed network, and rainbow. Non-electronic attacks like shoulder surfing, social engineering, and dumpster diving.
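
The pre-computed hash comparison described above only works when the stored value depends on the password alone. The following added example (not part of the original article) shows the storage-side defence: an unsalted fast hash matches a pre-computed table, while a per-user salted PBKDF2 record does not. The wordlist, function names and iteration count are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny wordlist standing in for a pre-computed table.
WORDLIST = ["letmein", "password1", "summer2024"]

def unsalted_hash(password):
    """Weak storage: the stored value depends only on the password."""
    return hashlib.sha256(password.encode()).hexdigest()

def precompute(words):
    """hash -> word table, built once and reusable against any unsalted store."""
    return {unsalted_hash(w): w for w in words}

def store_salted(password, iterations=200_000):
    """Hardened storage: random per-user salt plus a slow key-derivation function."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)

def lookup_hits(table, stored_values):
    """Stored values that appear in the pre-computed table."""
    return [table[v] for v in stored_values if v in table]

def demo():
    table = precompute(WORDLIST)
    # Two users who happen to choose the same password.
    unsalted_store = [unsalted_hash("password1"), unsalted_hash("password1")]
    salted_store = [store_salted("password1"), store_salted("password1")]
    return {
        "unsalted_hits": lookup_hits(table, unsalted_store),
        "salted_hits": lookup_hits(table, [r[2].hex() for r in salted_store]),
        "salted_records_differ": salted_store[0][2] != salted_store[1][2],
        "legit_login_ok": verify_salted("password1", salted_store[0]),
        "wrong_password_ok": verify_salted("password2", salted_store[0]),
    }

if __name__ == "__main__":
    print(demo())
```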

3. Maintaining access

In this phase, once an attacker gains access to the target system, the attacker can choose to use both the system and its resources and further use the system as a launch pad to scan and exploit other systems, or he can keep a low profile and continue exploiting the system. Both these actions can damage the organization. For example, the attacker can implement a sniffer to capture all network traffic, including telnet and ftp sessions with other systems.
Attackers who choose to remain undetected remove evidence of their entry and use a back door or a Trojan to gain repeat access. They can also install rootkits at the kernel level to gain super user access. Rootkits gain access at the OS level while a Trojan horse gains access at the application level. Both rootkits and Trojans depend upon users to install them. Within Windows systems, most Trojans install themselves as a service and run as Local System, which has administrative access.
Attackers can use Trojan horses to transfer user names, passwords, and even credit card information stored on the system. They can maintain control over “their” system for an extended time by “hardening” the system against other attackers, and sometimes, in the process, do render some degree of protection to the system from other attacks. They can then use their access to steal data, consume CPU cycles, and trade sensitive information or even resort to extortion.
Organizations can use intrusion detection systems or deploy honeypots and honeynets to detect intruders. The latter, though, isn’t recommended unless the organization has the required security professionals to leverage the concept for protection.
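
As a detection-side illustration of the point that Trojans on Windows often install themselves as a service running as Local System, here is an added example (not from the original article) that triages service-installation events. The records are constructed and use the field names of Windows System log Event ID 7045; the directory list and the alert rule are assumptions for the illustration, not a complete detection.

```python
import re

# Constructed sample records with the fields of System log Event ID 7045
# ("A service was installed in the system").
EVENTS = [
    {"EventID": 7045, "ServiceName": "VendorAgent",
     "ImagePath": r'"C:\Program Files\Vendor\agent.exe" --service',
     "StartType": "auto start", "AccountName": "LocalSystem"},
    {"EventID": 7045, "ServiceName": "WinUpdtSvc",
     "ImagePath": r"C:\Users\Public\updt.exe",
     "StartType": "auto start", "AccountName": "LocalSystem"},
    {"EventID": 7045, "ServiceName": "ReportJob",
     "ImagePath": r"C:\ProgramData\Reports\job.exe",
     "StartType": "demand start", "AccountName": r"NT AUTHORITY\LocalService"},
    {"EventID": 7036, "ServiceName": "Spooler"},
]

# Assumption: directories a standard user can usually write to.
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\windows\\temp\\")

def executable(image_path):
    """Pull the binary path out of ImagePath, which may be quoted and carry arguments."""
    m = re.match(r'\s*"([^"]+)"|\s*(.+?\.exe)\b', image_path, re.IGNORECASE)
    return (m.group(1) or m.group(2)) if m else image_path.strip()

def review(event):
    """Return a finding for a 7045 record, or None for any other event."""
    if event.get("EventID") != 7045:
        return None
    exe = executable(event["ImagePath"]).lower()
    privileged = event["AccountName"].lower() in ("localsystem", "nt authority\\system")
    writable = any(d in exe for d in USER_WRITABLE)
    reasons = []
    if privileged:
        reasons.append("runs as LocalSystem")
    if writable:
        reasons.append("binary in user-writable directory")
    if event["StartType"].lower() == "auto start":
        reasons.append("starts at boot")
    # Alert only when a privileged service points at a path users can modify.
    return {"service": event["ServiceName"], "alert": privileged and writable,
            "reasons": reasons}

def triage(events):
    return [f for f in map(review, events) if f and f["alert"]]

if __name__ == "__main__":
    for finding in triage(EVENTS):
        print(finding)
```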

4. Reconnaissance

Information gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques (Footprinting, Scanning & Enumeration) used to covertly discover and collect information about a target system.
During reconnaissance, an ethical hacker attempts to collect as much information about a target system as possible, following the seven steps listed below:
• Gather initial information
• Determine the network range
• Identify active machines
• Discover open ports and access points
• Fingerprint the OS
• Uncover services on ports
• Map the network
We will discuss all of these steps in detail in the subsequent chapters of this tutorial. Reconnaissance takes place in two parts: Active Reconnaissance and Passive Reconnaissance.

Active Reconnaissance

In this process, you will directly interact with the computer system to gain information. This information can be relevant and accurate. But there is a risk of getting detected if you are planning active reconnaissance without permission. If you are detected, then the system admin can take severe action against you and trail your subsequent activities.

Passive Reconnaissance

In this process, you will not be directly connected to a computer system. This process is used to collect essential information without ever interacting with the target systems.

This Blog Article is posted by

Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
