Domain 3 of CEH 11: System Hacking Phases & Attack Techniques
Domains of CEH
Information Security and Ethical Hacking Overview – 6%
Phases of system hacking and Attack Techniques-17%
Network and perimeter hacking-14%
Web application hacking-16%
Wireless network hacking – 6%
Mobile platform, IoT and OT hacking – 8%
Cloud Computing 6%
Hacking is a dangerous technique hackers use to gain unauthorised access to any smartphone, television or computer. Hackers are constantly updating their programming and computer skills to gain access to the target’s system, without the target’s knowledge, and gain valuable financial information and personal information.
Not all hackers want to hack your system and gain unauthorized access. Some hackers use their skills to protect your confidential information. These hackers are called ethical hackers. This blog will focus on the third domain of CEH:’system hacking techniques and phases’. Here you will see the hacking techniques and phases used by both ethical hackers and malicious hackers. Both use the same techniques and phases, but with different purposes.
System hacking phases
These are the six phases of hacking:
Scanning and enumeration
Ascendancy of privileges
Reconnaissance: This is the pre-phase of hacking. Reconnaissance is the process by which all information about the target system is collected, such as active ports, operating systems and all passive information.
Let’s say you want to surprise a childhood friend who has lost touch with you. First, gather all information about them. This includes their address, city, and home address. Reconnaissance is the process of gathering this information.
Scanning and enumeration
The attacker’s next step is to scan and enumerate. The scanning is done to gain access to the target systems, while the enumeration is used to obtain detailed information, including user account data.
There are three types.
Port scanning: This is where hackers scan the target system to find data such as live systems, open ports and other services that are running over it.
Network mapping: A network map shows the network’s topology, routers and firewalls, servers and host information. This network map can be an invaluable source of information during hacking.
Vulnerability scanning is the process of scanning a target for weaknesses or potential vulnerabilities that could be exploited. This type of scanning is often done using automated tools.
Access: Hacking any system/network requires access to be successful. This is where the attacker goes beyond simply looking at the network and attacks it. Hackers can gain access using a variety of methods, such as identifying wireless access points or identifying vulnerabilities in the web server software.
The hacker’s ability to access a network depends on his skills, the amount of access he has, and how the victim’s network configuration is set up.
Privilege escalation is simply the act of exploiting a bug in an operating system or application to gain access to resources that would otherwise not be accessible to an average user.
Hackers must maintain access in order to complete their tasks. This can be done using rootkits, trojans and other malicious files.
Track coverage: Nobody wants to be caught after a robbery. Hackers cover all their tracks