Day 1: Overview Of Ethical Hacking and Methodologies

Ethical Hacking and Methodologies

Hacking is defined as the act of identifying weaknesses in a system and exploiting them to gain access to the system.

WHO IS A HACKER?

A “hacker” is the opposite of someone who never goes to class. A “hacker” is a student for life. Hackers think outside the box and beyond borders. They are those “geeks” who provide IT solutions to real-life problems. A hacker is an individual who uses computer programming or technical skills to solve a problem.

TYPES OF HACKERS

There are many types of hackers out there, but today, we will group them all into three main types. That is, white, black, and grey hat hackers.

White hat: authorized hackers who expose and fix identified weaknesses in a system or infrastructure.

Black hat: an unauthorized, malicious hacker who gains access to a system to steal data, commit fraud, or otherwise intentionally cause harm to the system.

Grey hat: a hacker whose actions lie between those of white and black hat hackers. They gain unauthorized access to a system in order to find weaknesses and reveal them to the owner of the system.


PENETRATION TESTING OR PENTESTING

A penetration test is an ongoing cycle of research and attack against a target or boundary.

The attack should be structured, calculated, and, when possible, verified in a lab before being implemented on a live target.

There are three primary scopes when testing an application or service. Your understanding of your target will determine the level of testing that you perform in your penetration testing engagement. In today’s blog, we’ll cover these three different scopes of testing.

Black-Box Testing

This testing process is a high-level process where the tester is not given any information about the inner workings of the application or service.

The tester acts as a regular user testing the functionality and interaction of the application or piece of software. This testing can involve interacting with the interface, i.e. buttons, and testing to see whether the intended result is returned. No knowledge of programming or understanding of the program is necessary for this type of testing.

Black-Box testing significantly increases the amount of time spent during the information gathering and enumeration phase to understand the attack surface of the target.

Grey-Box Testing

This testing process is the most popular for things such as penetration testing. It is a combination of both black-box and white-box testing processes. The tester has some limited knowledge of the internal components of the application or piece of software. Still, they interact with the application as if it were a black-box scenario and then use their knowledge of the application to try and resolve issues as they find them.

With Grey-Box testing, the limited knowledge given saves time, and this approach is often chosen for extremely well-hardened attack surfaces.

White-Box Testing

This testing process is a low-level process usually done by a software developer who knows programming and application logic. The tester will be testing the internal components of the application or piece of software and, for example, ensuring that specific functions work correctly and within a reasonable amount of time.

The tester has full knowledge of the application and its expected behavior, which makes this much more time-consuming than black-box testing. The full knowledge in a White-Box testing scenario provides a testing approach that guarantees the entire attack surface can be validated.

THE 5 PHASES OF ETHICAL HACKING

1. Reconnaissance/Information Gathering

This is the first step of hacking. It is also called the footprinting and information gathering phase. This is the preparatory phase where we collect as much information as possible about our target. We usually collect information about three groups:

  • Network
  • Host
  • People involved

There are two major types of reconnaissance:

  • Active Reconnaissance: Directly interacting with the target to gather information about it, e.g. using the Nmap tool to scan the target’s network.
  • Passive Reconnaissance: Trying to collect information about the target without directly accessing the target. This involves collecting information from social media, public websites, etc.

2. Scanning/Enumeration

Three types of scanning are involved:

  • Port scanning: This phase involves scanning the target for information such as open ports, live systems, and the various services running on the host.
  • Vulnerability Scanning: Checking the target for weaknesses or vulnerabilities which can be exploited; this is usually done with the help of automated tools.
  • Network Mapping: Finding the topology of the network (routers, firewalls, servers, if any) and host information, and drawing a network diagram from the available information. This map may serve as a valuable piece of information throughout the hacking process.

Hackers try to discover potentially vulnerable applications and services running on the systems.
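From the defender's side, the active reconnaissance and port scanning described above leave a footprint in firewall logs. The following added example (not part of the original post) parses constructed, simplified iptables-style log lines and flags a source that touches many distinct ports on one host within a short window; the log format, thresholds and addresses are assumptions made for the example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Assumed, simplified iptables-style line: '<ts> SRC=<ip> DST=<ip> DPT=<port>'
LINE_RE = re.compile(r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) DPT=(?P<dpt>\d+)")

# Constructed sample: 10.0.0.5 probes eight ports on 192.168.1.10 within four
# seconds (scan-like); 10.0.0.7 only talks to one service (normal traffic).
SAMPLE_LOG = """\
2024-01-01T10:00:00 SRC=10.0.0.5 DST=192.168.1.10 DPT=22
2024-01-01T10:00:00 SRC=10.0.0.5 DST=192.168.1.10 DPT=23
2024-01-01T10:00:01 SRC=10.0.0.5 DST=192.168.1.10 DPT=25
2024-01-01T10:00:01 SRC=10.0.0.5 DST=192.168.1.10 DPT=80
2024-01-01T10:00:02 SRC=10.0.0.5 DST=192.168.1.10 DPT=110
2024-01-01T10:00:02 SRC=10.0.0.5 DST=192.168.1.10 DPT=143
2024-01-01T10:00:03 SRC=10.0.0.5 DST=192.168.1.10 DPT=443
2024-01-01T10:00:03 SRC=10.0.0.5 DST=192.168.1.10 DPT=3306
2024-01-01T10:00:00 SRC=10.0.0.7 DST=192.168.1.10 DPT=443
2024-01-01T10:00:05 SRC=10.0.0.7 DST=192.168.1.10 DPT=443
"""

def parse(log_text):
    # Yield (timestamp, src, dst, dport) tuples; non-matching lines are skipped.
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield (datetime.fromisoformat(m["ts"]), m["src"], m["dst"], int(m["dpt"]))

def detect_scans(log_text, window_s=10, min_ports=8):
    """Map (src, dst) -> sorted distinct ports for sources that touched at least
    min_ports distinct ports on one host inside a window_s-second sliding window."""
    by_pair = defaultdict(list)
    for ts, src, dst, port in sorted(parse(log_text)):
        by_pair[(src, dst)].append((ts, port))
    hits = {}
    for pair, evs in by_pair.items():
        lo = 0
        for hi in range(len(evs)):
            # shrink the window from the left until it spans at most window_s seconds
            while (evs[hi][0] - evs[lo][0]).total_seconds() > window_s:
                lo += 1
            ports = {p for _, p in evs[lo:hi + 1]}
            if len(ports) >= min_ports:
                hits[pair] = sorted(ports)
                break
    return hits

if __name__ == "__main__":
    for (src, dst), ports in detect_scans(SAMPLE_LOG).items():
        print(f"possible port scan: {src} -> {dst}, {len(ports)} ports: {ports}")
```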

3. Gaining access/Exploitation

This phase is where an attacker breaks into the system/network using various tools or methods. In this phase, the hacker uses the vulnerabilities found in the system against the system in order to gain access to it. The attacker can choose to use public exploits or try exploiting the application logic instead.

4. Maintaining Access/Privilege Escalation

Hackers may hack the system only to show that it is vulnerable, or they may be malicious enough to want to maintain or persist the connection in the background without the user's knowledge, escalating their privileges to a higher level. Privilege escalation can be done horizontally or vertically: horizontal escalation means accessing another account in the same permission group (i.e. a different user), whereas vertical escalation means accessing an account in another permission group (i.e. an administrator).

This can be done using Trojans, Rootkits, or other malicious files. The aim is to maintain access to the target until the hacker finishes the tasks he has planned to accomplish.

5. Post Exploitation/Clearing Tracks

An intelligent hacker always clears all evidence so that, at a later point in time, no one will find any traces leading back to them. This involves modifying, corrupting, or deleting log entries, modifying registry values, uninstalling all applications they used, and deleting all folders they created. Afterwards, the hacker writes a report; this step is mostly done by white hat hackers.


QUESTIONS AND ANSWERS ABOUT ETHICAL HACKING (FAQs)

 What is the salary of an ethical hacker?

As of the time this article was being written, an ethical hacker made an average of $116,078 per year. By 2030, the number of jobs for information security analysts could climb by 33 percent, according to the Bureau of Labor Statistics.

What skills does one need to become an ethical hacker?

  • Problem-solving
  • Communication
  • Research
  • An understanding of programming
  • Networking

What are the duties or responsibilities of ethical hackers?

  • Increase the computer system’s security
  • Test new software before it is made available to the general public
  • Work in teams to test security measures
  • Stay up with and research new technology and software for security

This will be all for the Day 1 post. Hope you enjoyed it, kindly let me know in the comments section. Be sure to check out other blog posts of interest or come back tomorrow for the next day’s post. 😊