Bambang F. Indarto

The Journey… The Shares

Hacking… want to try?

Posted by bfindarto on May 25, 2008

Logic steps to do hacking process:

1. FootPrinting
Footprinting is the technique of gathering details information about targeted computer systems and the entities they belong to. This is done by employing various computer security techniques, as whois services, DNS zone transfer, ping sweeps, port scanning, or registrar queries. Some of the tool used for this method are samspade, nslookup, traceroute, Nmap and neotrace.

2. Port Scanning
Next step is scanning, which is finding the very possible access door. we can use ping sweep and DNS zone transfer. Some good tools to do port scanning: Nmap (Unix/Windows), Superscan (Windows), Scanmetender Standard (Windows and GNU/Linux), Unicornscan (Unix), nhs nohack scanner (Windows)

3. Enumeration
This enumeration method is all about full observation of legal user account, network and shares resources, and also to find application with weakness.

4. Gaining Access
now… we are in the step of gaining more information to get access to the targeted system. This step will include spying and grab user’s password, or do password research, and buffer overflow.

5. Escalating Privileges
If we have already some access and password in the targeted system, now, we should get network administrators privileges with password cracking, or some exploits such as getadmin, lc_messages or sechole.

6. Pilfering
Pilfering is the process of gaining more information to identify access mechanism to to the trusted system. This process will include trust evaluation and seeking for clear-text password in the registry, config-file and user’s data.

7. Covering
If we already have full control to system, the next step would be covering our trails. We need to clean up the network log and use some of the hiding-tools such as rootkits and file streamings.

8. Creating Backdoors
Backdoors need to be created in some of the systems so we can access to the targeted system easily without doing the previous steps. We can create a backdoor access by creating fake user account, scheduling batch, changing the start-up files, install a remote-access services and monitoring tools and use trojan applications

9. Denial of Service
If… all of the steps didn’t give you good results, our last effort is just attack the system. he he. DoS, which will include SYN-flood, ICMP supernuke tehcnique, land/latierra, teardrop, bonk, trincoo, newtear, and other kind of attack.


One Response to “Hacking… want to try?”

  1. fitri said

    tipsnya terlalu umum..bukan org networking neh.jd ga familiar sm istilah2nya..

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: