System Hacking

Subscribe to my newsletter and never miss my upcoming articles

Listen to this article

With the information extracted using the previously explained techniques and phases of penetration including footprinting, scanning, and enumeration, now you can proceed to the next level: System hacking. All information extracted so far are focused toward the target, now using this collection of information, we are moving forward to access the system.

Summarizing the information collected in previous phases, such as a list of valid Usernames, Email addresses, passwords, groups, IP range, operating system, hardware and software version, shares, protocols and services information, and other details. Depending upon the collection of information, the attacker will have a more precise image of the target.

System Hacking After gaining the information from previous phases, now proceed to system hacking phase. The process of system hacking is much difficult and complex than previous ones.

Before starting the system hacking phase, an ethical hacker, or pentester must remember that you cannot gain access to the target system in a go. You must have to wait for what you want, deeply observe and struggle; then you will find some results.

System Hacking Methodology The process of System hacking is classified into some System hacking methods. These methods are also termed as CEH hacking methodology by EC-Council. This methodology includes: -

Cracking passwords Escalating privileges Executing applications Hiding files Covering tracks Goals of System hacking In the methodological approach of System hacking, bypassing the access control and policies by password cracking or social engineering attacks will lead to gain access to the system. Using the operating system information, it helps to exploit the known vulnerabilities of an operating system to escalate the privileges. Once you have gained access to the system and acquire the rights and privileges, by executing an application such as Trojans, backdoors, and spyware, an attacker can create a backdoor to maintain the remote access to the target system. Now, to steal actual information, data or any other asset of an organization, the attacker needs to hide its malicious activities. Rootkits and steganography are the most common techniques to hide malicious activities. Once an attacker steals the information and remains undetected, the last phase of system hacking ensures to be undetected by hiding the evidence of compromises by modifying or clearing the logs.

 
Share this