fbpx

The 5 Phases of Hacking

The 5 Phases of Hacking

Introduction

The term hacking in information security refers to exploiting vulnerabilities in a system and compromising the security to gain unauthorized command and control of the system.

The following are the five phases of hacking:

  1. Reconnaissance
  2. Scanning
  3. Gaining Access
  4. Maintaining Access
  5. Clearing Tracks

Reconnaissance

Reconnaissance is an initial preparation phase for the attacker to prepare for an attack by gathering information about the target prior to launching an attack using different tools and techniques. Gathering information about the target makes it easier for an attacker. It helps to identify the target range for large-scale attacks.

In Passive Reconnaissance, a hacker acquires information about the target without directly interacting with the target. An example of passive reconnaissance is searching social media to obtain the target’s information.

Active Reconnaissance is gaining information by directly interacting with the target. Examples of active reconnaissance include interacting with the target via calls, emails, help desk, or technical departments.

Scanning

Scanning is a pre-attack phase. In this phase, an attacker scans the network through information acquired during the initial phase of reconnaissance. Scanning tools include dialers, scanners such as port scanners, network mappers, and client tools such as ping and vulnerability scanners. During the scanning phase, attackers finally fetch the ports’ information, including port status, Operating System information, device type, live machines, and other information depending on scanning.

Gaining Access

This phase of hacking is the point where the hacker gains control over an Operating System (OS), application, or computer network. The control gained by the attacker defines the access level, whether the Operating System level, application level, or network level. Techniques include password cracking, denial of service, session hijacking, buffer overflow, or other techniques used for gaining unauthorized access. After accessing the system, the attacker escalates the privileges to a point to obtain complete control over services and processes and compromise the connected intermediate system.

Maintaining Access / Escalation of Privileges

The maintaining access phase is the point where an attacker tries to maintain access, ownership, and control over the compromised systems. The hacker usually strengthens the system in order to secure it from being accessed by security personnel or some other hacker. They use Backdoors, Rootkits, or Trojans to retain their ownership. In this phase, an attacker may either steal information by uploading it to the remote server, download any file on the resident system, or manipulate the data and configuration settings. To compromise other systems, the attacker uses this compromised system to launch attacks.

Clearing Tracks

An attacker must hide his identity by clearing or covering tracks. Clearing tracks is an activity that is carried out to hide malicious activities. If attackers want to fulfill their intentions and gain whatever they want without being noticed, it is necessary for them to wipe all tracks and evidence that can possibly lead to their identity. In order to do so, attackers usually overwrite the system, applications, and other related logs.

Conclusion

The purpose for hacking may include alteration of a system’s resources or disruption of features and services to achieve other goals. Hacking can also be used to steal confidential information for any use, such as sending it to competitors, regulatory bodies, or publicizing it. Our new and updated CEH V11 can help you in mastering the skills of Ethical Hacking. Order today and start learning!

Scroll to Top

Sign-Up with your email address to receive news, new content updates, FREE reports and our most-awaited special discount offers on curated titles !

Loading