Please enable JavaScript.
Coggle requires JavaScript to display documents.
Hacking cycle ( Gaining Access (Attacker obtains access to the operating…
Hacking cycle
-
Attacker can escalate privileges to obtain complete control of the system. In the process, intermediate systems that are also compromised
Attacker can gain access at the operating system level, application level or network level.
Examples : Password cracking, buffer overflows and denial of service.
-
Attacker may prevent the system from being owned by other attacker by securing their exclusive access with Backdoors , Rootkits or Trojan
-
Attacker can upload download or manipulate data, app and configurations on the owned system
-
Attacker overwrites the server , system and application logs to avoid suspicions
-
Reconnaissance target range may include the target organization's clients, employees, operation, network, and systems.
Refers to the preparatory phase where an attacker seeks to gather information about a target prior to launching an attack
Types of Reconnaissance
Passive Reconnaissance
Involves acquiring information without directly interacting with the target . Examples , Eavesdropping on employee conversations.
Active Reconnaissance
Interact directly with the target . For examples , using Nmap tool to scan the target
This phase involves scanning the target for the information like open ports , Live systems,various services running on the host
Checking the target for the weakness which can exploited. Usually done with help of automated tools.
Finding the topology of network,routers, firewall, servers if any, and host information and drawing a network diagram with the available information .