Friday, January 27, 2012

Hacking Framework

Here's the phases of hacking/hacking framework.

1. Information Gathering
2. Service Enumeration
3. Vulnerability Assessment
4. Exploitation
5. Backdooring
6. Housekeeping
7. Rootkit/Maintain Access

Lets study these phase one by one.

1. Information Gathering
Information is an activity to search information about the target system as much as possible. Information gathering divided into two types :
   a. Technical 
       Technical Information gathering use the tools available actively. Technical information gathering also divided into two more :
     i. Active Information Gathering
       This technique interact with the target system directly(ex.scanning).
     ii. Passive Information Gathering
       This technique doesn't interact with the target system directly(ex.googling)
   b. Non-Technical
        This kind of information gathering doesn't involve the tools available actively (ex. social engineering). Social Engineering is the art of deception.

2. Service Enumeration
Service enumeration is an activity to see any services running on the target system. Important to be known 90% gateway to enter a system is through the services. So, Its good to have only important services running. More services running, more security hole also running.

3. Vulnerability Assessment
Searching a weak point on the system by finding vulnerabilities, usually on the running services. Method to search vulnerability divided into 3 :
   a. Community
   b. Vendor
   c. Self-Develop

4. Exploitation
Exploit or in the other word Pentest is the POC(Prove of Concept) of Vulnerability Assessment. When the test is failed, pentester must search another crack to be exploited. When the test is succeed, pentester must setup a backdoor ASAP.

5. Backdooring
Backdooring is an activity to create a hidden backdoor for pentester for further exploit. So pentester won't have to repeat same way again to exploit the system, just use the backdoor. 

6. Housekeeping
Housekeeping is an activity to delete the trace of the exploit in order to hide from the administrator of the system.

7. Rootkit
Rootkit is an application that running before the OS loading. So, basically when inside the system exist the rootkit that we've created, the system is fully under the control of ourself.

Method information gathering, service enumeration, vulnerability assessment, and exploitation is in the area called "Uncontrollable zone" because at that time we haven't got the control over the system. And backdooring, housekeeping and rootkit is in the area called "Controllable zone" because at that time we've already take control over the system.

Hope this helps.  :)


Post a Comment