L8

The document discusses the concepts of Footprinting and Reconnaissance in cybersecurity, highlighting their differences and processes. Footprinting involves passive data gathering from public sources, while Reconnaissance includes active probing for vulnerabilities. It outlines the steps of the System Hacking Process, detailing how unauthorized access can be gained and maintained on a target system.

Uploaded by

fto8deu8o
Footprinting, Reconnaissance and System Hacking
Lecture 8
What is Footprinting
Footprinting involves passive data gathering techniques, such as searching public
websites, social media platforms, and online forums for information about the
target. This information can include company details, employee names, email
addresses, and even technical specifications of the systems they use.
Example of Footprinting Carried Out
Open Source Intelligence (OSINT): Gathering information from publicly available sources like websites, blogs, news articles, and social media platforms.

Network Scanning: Identifying active network devices, their IP addresses, and open ports to gather information about the target system and its structure.

DNS Enumeration: Collecting information about the target’s domain name system (DNS), including subdomains and associated IP addresses.

Whois Lookups: Understanding the ownership and registration information of the target domain, etc.
What is Reconnaissance
Reconnaissance involves actively probing the target’s systems, networks, and
infrastructure to uncover vulnerabilities. This can include scanning for open ports,
identifying weak passwords, and exploring network configurations to discover
potential points of attack.
Example of Reconnaissance
Port Scanning: Examining the target system for open ports and services, which can provide insights into potential vulnerabilities.

Vulnerability Scanning: Identifying known vulnerabilities in the target’s systems and software versions to exploit them.

Packet Sniffing: Intercepting network traffic to capture and analyze data packets, searching for sensitive information.

Social Engineering: Manipulating individuals within the target organization to gain unauthorized access to systems or obtain sensitive information, etc.
Difference Between Footprinting and Reconnaissance
Footprinting is a passive and non-intrusive technique that focuses on information
gathering from publicly available sources, while Reconnaissance involves active
probing and scanning of the target's systems.
System Hacking Process
1. Reconnaissance: Gathering information about the target system, such as open ports, services, and potential weaknesses.

2. Scanning and Enumeration: Identifying active hosts, open ports, and detailed system information.

3. Vulnerability Analysis: Identifying system vulnerabilities and weaknesses, including software flaws and misconfigurations.

4. Gaining Access: Exploiting vulnerabilities to gain unauthorized access, often through software exploits, weak passwords, or social engineering.

5. Privilege Escalation: Increasing access privileges to gain control over the system.

6. Data Collection: Gathering sensitive information or data from the compromised system.

7. Maintaining Access: Ensuring continued access by creating backdoors or installing persistent tools.

8. Persistence: Establishing mechanisms to regain access even if initially detected and removed.

9. Malicious Actions: Conducting further attacks, spreading malware, or manipulating data.

10. Covering Tracks: Erasing or altering logs and evidence of the intrusion to avoid detection.
Example System Hacking (Linux)
Imagine we have a website https://test.daffodilvarsity.edu.bd and behind it a
Linux system is running. Our goal is to gain unauthorized access to this system.
Let’s move forward with the System Hacking Process.
Reconnaissance:
Let’s ping the domain name to find out the IP address of the server behind the
domain.
Scanning and Enumeration:
Scan the IP (192.168.134.142) with a port scanner. We are using Zenmap to
find out open ports on the server.
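Seen from the defender's side, a scan like the one in this step appears in connection logs as one source touching many distinct ports on one host within a short time. The following is an added example, not part of the original lecture, that flags such sources; the log line format, the 60-second window, the 15-port threshold and the source addresses are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format: "<ISO timestamp> src=<ip> dst=<ip> dport=<port>"
LINE_RE = re.compile(r"^(\S+) src=(\S+) dst=(\S+) dport=(\d+)$")

def sample_log():
    """Constructed data: one source sweeping 30 ports, one ordinary web client."""
    dst = "192.168.134.142"
    lines = [f"2024-05-01T10:00:{i:02d} src=10.0.0.5 dst={dst} dport={20 + i}"
             for i in range(30)]
    lines += [f"2024-05-01T10:{m:02d}:00 src=10.0.0.9 dst={dst} dport=443"
              for m in range(5)]
    lines.append("malformed line without fields")
    return lines

def parse(lines):
    """Yield (time, src, dst, port) tuples, skipping lines that do not match."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts, src, dst, port = m.groups()
            yield datetime.fromisoformat(ts), src, dst, int(port)

def detect_scanners(lines, window=timedelta(seconds=60), min_ports=15):
    """Return {(src, dst): max distinct ports seen inside any sliding window}."""
    by_pair = defaultdict(list)
    for ts, src, dst, port in parse(lines):
        by_pair[(src, dst)].append((ts, port))
    findings = {}
    for pair, events in by_pair.items():
        events.sort()
        start, best = 0, 0
        in_window = defaultdict(int)  # port -> hits inside the current window
        for ts, port in events:
            in_window[port] += 1
            # Drop events that have fallen out of the time window.
            while ts - events[start][0] > window:
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= min_ports:
            findings[pair] = best
    return findings

if __name__ == "__main__":
    for (src, dst), ports in detect_scanners(sample_log()).items():
        print(f"possible port scan: {src} -> {dst}, {ports} distinct ports")
```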
Vulnerability Analysis
Search the internet to find out whether any common vulnerability has already been
disclosed. In this case we found a vulnerability and an exploit for the version of
the FTP software this Linux system is currently using.
Gaining Access
We read the exploit details on Rapid7. The exploit is based on the Metasploit
Framework (a set of exploitation tools) require a
https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/
Gaining Access (Exploit)
Using Metasploit to gain unauthorized access (Access Gained)
Now we can proceed with Maintaining Access, Privilege Escalation, Covering Tracks,
Data Collection, Malicious Actions and Persistence.
Questions
Thanks!