Real Hacking Steps (Remote Hacking):)) For Educational Purposes Only

Real Hacking Steps consists of following:::

 1. Information Gathering / Foot printing 
2. Port Scanning 
3. OS Fingerprinting
 4. Banner Grabbing
 5. Vulnerability Assessment 
6. Search & Build Exploit
 7. Attack 
8. Maintain Access with help of Root kits and Trojans.

1. Information Gathering / Foot printing

Information gathering is the process to get maximum details of target host. It is a very important

part of remote hacking because the more information about target system we have, more the number of

attacks we can launch.

2. Port Scanning

What is port?

Port is medium for communication between 2 computers. Every service on a host is identified by

a unique 16-bit number called a port.

Some default ports:

Port number Service::

7 Ping

21 FTP(File transfer protocol)

22 SSH (Secure shell)

23 Telnet

25 SMTP (Mail)

43 WHOIS

53 DNS

80 HTTP

110 POP3 (Mail Access)

513 Rlogin

8080 Proxy
 

What is port scanner?

A port scanner is a piece of software designed to search a network host for open ports. This is often used

by administrators to check the security of their networks and by hackers to identify running services on a

host with the view to compromising it. To portscan a host is to scan for listening ports on a single target

host. To portsweep is to scan multiple hosts for a specific listening port.

Best port scanners: nmap, Hping2, Superscan.

Download link:

3. OS Fingerprinting

OS (Operating System) Fingerprinting is a process to find out victim's Operating

System(Windows, Linux, UNIX)

Introduction:

When exploring a network for security auditing or inventory/administration, you usually want to

know more than the bare IP addresses of identified machines. Your reaction to discovering a

printer may be very different than to finding a router, wireless access point, telephone PBX,

game console, Windows desktop, or Unix server. Finer grained detection (such as distinguishing

Mac OS X 10.4 from 10.3) is useful for determining vulnerability to specific flaws and for

tailoring effective exploits for those vulnerabilities.

Tools: nmap, NetScanTools Pro, P0f.

4. Banner Grabbing

Banner grabbing

or application. Mean after port scanning we found open port 80 (apache) and target os is Linux,

but we don’t know what is version of apache for remote hacking. Like apache 2.0, 2.2, or 2.6 .

5. Vulnerability Assessment

What is Vulnerability Assessment?

The word "

misconfiguration) that allows a system to be attacked or broken into.

vulnerability" describes a problem (such as a programming bug or common

A vulnerability assessment

ranking) the vulnerabilities in a system.

Vulnerability assessments can be conducted for small businesses to large regional infrastructures.

Vulnerability from the perspective of Disaster Management means assessing the threats from

potential hazards to the population and to the infrastructure developed in that particular region. It can be

done in political, social, economic and in environmental fields.

is the process of identifying, quantifying, and prioritizing (orAutomated Tools:

6. Search & Build Exploit

Manual Method: We can find vulnerability manually with help of vulnerability archive sites like

www.milw0rm.com

and http://www.packetstormsecurity.org/

For exploit and final attack, open the websites say Microsoft, adobe or mozilla which provides

you the source code format. You need to download the code and compile them for preparing

exploit for final attack

.

7. Attack

Launch attack on remote system and get reverse shell

.

8. Maintain Access

After getting remote access we place a root kit or Trojan virus for future remote access, without

any password.

9. Covering Tracks

Covering Tracks is a process to delete all logs on the remote system. If target system is linux or

UNIX, delete all entries of /var folder and if it is windows os delete all events and logs.