Hacking is a dangerous process that hackers use to gain unauthorized access to any smartphone, television, computer, or other network system. The hackers constantly update their programming and computer skills to enter the target’s system without the target’s knowledge and gain valuable financial and personal information.
https://www.infosectrain.com/blog/domain-3-of-ceh-v11-system-hacking-phases-and-attack-techniques/
3. www.infosectrain.com | sales@infosectrain.com 02
The six hacking phases are:
> Reconnaissance
> Scanning and enumeration
> Gaining access
> Ascendancy of privileges
> Maintaining access
> Track coverage
DOMAIN 3
System Hacking Phases & Attack Techniques
In this blog, we will discuss the 3rd
domain of CEH,
which is ‘System Hacking Phases & Attack
Techniques’
System Hacking Phases
4. 01
www.infosectrain.com | sales@infosectrain.com 03
Reconnaissance
Reconnaissance is the first and pre-phase of hacking. Reconnaissance is the
process of gathering all the information about the target system, like active
ports, operating systems, and all the passive information.
For example, assume you want to surprise your childhood friend who lost touch
with you. The first thing you will do is gather all the information about them, like
their city, area, home address, etc. The process of collecting this information is
called reconnaissance.
DOMAIN 3
System Hacking Phases & Attack Techniques
5. www.infosectrain.com | sales@infosectrain.com 04
02
Scanning & Enumeration
This scanning and enumeration phase is where the attacker moves from
passive to active information gathering. The scanning is performed to gain
access to the target system, and the enumeration is performed to get detailed
information, including the user account data.
There are three types of scanning.
Port scanning: Port scanning is a phase where hackers scan the target
system for data like live systems, open ports, and different services running
over the host.
Network mapping: A network map depicts a network’s topology, routers,
firewalls, servers, if any, and host information. During the hacking process, this
network map can be a valuable source of information.
Vulnerability scanning: The vulnerability scanning process involves
scanning the target for weaknesses or vulnerabilities that could be exploited.
This kind of scanning is usually done with automated tools.
DOMAIN 3
System Hacking Phases & Attack Techniques
6. 03
www.infosectrain.com | sales@infosectrain.com 05
Gaining Access
Gaining access is one of the important phases of hacking any system/network.
This is the phase where the attacker moves from simply examining the network
to actually attacking it. Hackers can gain access by using various
methodologies, like identifying a wireless access point or by identifying
vulnerabilities within the web server software.
Ultimately, a hacker’s method of accessing a network will depend on his skills,
how much access he gains, and how the victim’s network is configured.
DOMAIN 3
System Hacking Phases & Attack Techniques
7. 04
Privileges Ascendancy
www.infosectrain.com | sales@infosectrain.com 06
Even though the hacker has got access to the network or your system, he tries
to escalate his privileges to an administrator because they are the individuals
who control the whole network.
In simple terms, privilege escalation can be described as exploiting a bug or
vulnerability in an application or operating system to gain access to resources
that would otherwise be protected from an average user.
DOMAIN 3
System Hacking Phases & Attack Techniques
8. www.infosectrain.com | sales@infosectrain.com 07
05
Maintaining the Access
Hackers have to maintain access to complete their tasks successfully. This can
be done by using rootkits, trojans, and various other malicious files.
DOMAIN 3
System Hacking Phases & Attack Techniques
9. 06
Track Coverage
www.infosectrain.com | sales@infosectrain.com 08
No one wants to get caught after doing a robbery. Hence, the hackers cover all
their tracks so that the network/system owner will never know who attacked
the network/system. A good hacker will cover or clear his tracks by changing
the registry values and removing/changing/corrupting the log values.
DOMAIN 3
System Hacking Phases & Attack Techniques
10. Different Attacking
Techniques used by a Hacker
DOMAIN 3
System Hacking Phases & Attack Techniques
Bait and Switch
Bait and Switch is a process where a hacker buys advertising space on any
website, and he posts a very interesting ad that attracts users to click on it.
Once the user clicks that ad, it will immediately redirect him to a malicious
page, and from there, a hacker can install bugs and malicious codes into
your system. So guys, be very careful whenever you are clicking an ad.
www.infosectrain.com | sales@infosectrain.com 09
11. www.infosectrain.com | sales@infosectrain.com 10
Cookie Theft
I think this is a dangerous attack because we save many passwords in our
browsers, say our email passwords, bank accounts, or many important
accounts. Once the attacker gets your cookie session, he can replicate you
and conduct attacks or simply steal that information. So, make sure you
regularly clear your search history and cache.
DOMAIN 3
System Hacking Phases & Attack Techniques
12. DOMAIN 3
System Hacking Phases & Attack Techniques
Installing various trojans and malware like trojan and
spyware
A hacker installs various malware on a target’s computer. These trojans and
spyware frequently send the data to the attacker and perform few tasks like
diverting traffic and sniffing the victim’s data.
www.infosectrain.com | sales@infosectrain.com 11