The society has a misconception on the term “hack”. It is mistreated as an evil act performed by people having knowledge of computer skills. But nowadays, several people are fond of hacking neighbor’s WiFi passwords. They aren’t aware of themselves of what they are doing is illegal activities. Well, hacking is intruding into resource of a system by with or without attacking any authentication vectors.
Ethical Hacking and Non-Ethical Hacking
Ethical hacking is hacking legal. The attacker might have a consent from the owner to break into the system, but no malicious acts are performed. The attacker usually awares the owner with a report of the vulnerabilities on the system.
Non-ethical hacking is the evil act performed by hacker without consent from the owner. The term ‘hack’, society should protect themselves is from non-ethical hacking. They intend to steal your resources, usually passwords and from credit cards.
Almost every hackers, follow the sayings of Sun Tzu mentioned in Art of War “So it is said that if you know your enemies and know yourself, you will not be put at risk even in a hundred battles. If you only know yourself, but not your opponent, you may win or may lose. If you know neither yourself nor your enemy, you will always endanger yourself”. A hacker spends most of the time gathering information of the target. A good information of the target can breach the known vulnerabilities in few minutes.
As the attacker gathers information, s/he performs scan to get deeper information of the target. The information gathered can identify vulnerabilities existing in the system. There are two types of scans carried out during reconnaissance.
These types of reconnaissance have no direct interaction with the target, so they cannot be detected. The attacker searches the information through the Internet using search engines, social sites, social engineering and more.
These reconnaissance can be detected by firewalls, Intrusion Detection System(IDS), antivirus. These security software alerts the target about the scans occurring. The alerts keeps notifying the target, so these types of scans are said to be noisy. Nmap/Zenmap scan is the popular active scan. It can scan open ports, identify the system used in the port, fingerprint OS and more. Other tools like recon-ng, Nikto/Wikto, Nessus, Nexpose are also popular tools used for active scanning.
The vulnerabilities information obtained from reconnaissance phase is used to breach during exploitation. The attacker figures out the path to the target’s system. The paths to the system can be via:
- Physical Access
- Operating System
Metasploit is the most popular tool used for exploitation. It is a framework having collections of latest exploits.
Usually the ethical hacker creates a replica of the server for the exploitation. The exploits can interrupt the service provided by the system to the users.
Backdoor (Non-Ethical Hacking)
After the attacker gains access to the target’s system, s/he plants a backdoor hidden. A backdoor is an application which eases the attacker to access the system in the future. The previous phases can now be skipped and accessed through the backdoor. Although the target figures out the vulnerability and patches it, the backdoor is open for the attacker.
In ethical hacking the hacker doesn’t go through this phase, as there is no need for him to access maliciously.
Clear tracks (Non-Ethical Hacking)
During the active scan and exploitation, the scan and failed exploits can generate alarms and logs in the system. Now, it’s time to clean the tracks that can identify the attacker. Every connection established in Internet is identified by IP address. The attacker now searches the logs to clear out the IP Address from the system. Well, the alarms cannot be cleared but the attacker can turn them off or can whitelist his/her IP address for the future.
The hacking phase of non-ethical hacking ends here. The attacker now has the information of the target. The information can be used for further expansion of attacks and the planted backdoor can give access to the attacker in the system.
This phase is also skipped in ethical hacking because the hacker has permission to the system.
Reporting (Ethical Hacking)
A report of the figured vulnerabilities in the system is prepared. The risk caused by the vulnerability is measured by the product of likelihood and impact. The vulnerabilities will be categorized according to the risk value.
Risk = Likelihood * Impact
A high likelihood and a high impact values results to high risk value, so the vulnerability will be marked as critical. A high likelihood and a low impact values or a low likelihood and a high impact values results to average which can be marked as severe. And finally low likelihood and a low impact results low risk which will be marked as moderate.