In this article, we’re going to see about Network Hacking. How to do it? and countermeasures.
Note-> Only for educational purpose.
We’re going to learn about.
- Port scanning
- Banner Grabbing
- Searching Vulnerabilities.
So let’s start with,
In this phase, the hacker gathers the information of the computer system and the entities they belong to. This collected information will help the hacker later to perform an attack on the system. They can get information using various tools and methods.
First, the hacker will look for names and email addresses on the website or on the network. The email can help the hacker to perform any type of social engineering attack.
Next, the hacker will find the IP address of the system or the network. Then he will ping the IP address to see if it’s responding or not.
The next step will be Whois lookup of the IP address. One can get a lot of information from whois lookup of the IP address.
The next thing the hacker will check is the robots.txt file on the website. For those who don’t know what is robots.txt, It displays the directory and pages of the website which the websites want to be anonymous. So one can find some valuable pages or information in the robots.txt file.
Now we have studied the basics of footprinting let’s get on to the next step.
In Port scanning the hacker scans for different types of open ports on the network. Once the hacker finds all the services running on the network they can search for the vulnerability.
There is one famous tool for doing port scanning which is NMap. There are lots of tools to do port scanning but NMap is the oldest and maybe one of the best.
You can install Nmap in your LINUX or WINDOWS machine for windows machines there is a GUI of this tool called zenmap.
You can do scan a network for all the open ports
There are total 65535 ports and Nmap can scan all of them for you.
Some common port numbers are,
|20||File Transfer Protocol (FTP) Data Transfer|
|21||File Transfer Protocol (FTP) Command Control|
|22||Secure Shell (SSH) Secure Login|
|23||Telnet remote login service, unencrypted text messages|
|25||Simple Mail Transfer Protocol (SMTP) E-mail routing|
|53||Domain Name System (DNS) service|
|67, 68||Dynamic Host Configuration Protocol (DHCP)|
|80||Hypertext Transfer Protocol (HTTP) used in the World Wide Web|
|110||Post Office Protocol (POP3)|
|119||Network News Transfer Protocol (NNTP)|
|123||Network Time Protocol (NTP)|
|143||Internet Message Access Protocol (IMAP) Management of digital mail|
|161||Simple Network Management Protocol (SNMP)|
|194||Internet Relay Chat (IRC)|
|443||HTTP Secure (HTTPS) HTTP over TLS/SSL|
Nmap can not only scan open ports for you but it can also tell you information about the operating system running on the server.
If you want to learn more about Nmap CLI version click here.
Now the hacker knows all the services and version information running on the server. Now let’s proceed to next step.
Now the hacker knows the services running on the network. In banner grabbing the hacker tries to know the software and version on which the service is running.
There are lots of tools which can perform the banner grabbing attacks.
The most used and best tool for banner grabbing is telnet.
First, the hacker select one of the open ports that were revealed in the port scanning.
Next, the telnet will connect to the target, and when the target responds it will grab the banner and tell you the software name and version info.
Searching For Vulnerability
Now the hacker has the information of the service and knows the software and the version information of the service. Now the hacker will search the related exploit and vulnerability on the internet for the network hacking.
There are lot’s of websites and tools for finding exploits, let’s see some of them.
And there are lots of website and software to find exploit, And if you are good coder you can write your own exploit.
Now that hacker find all the information and the right exploit to execute. They can just launch the exploit and penetrate the network.
If you have an exploit from rapid 7 then it can run on metasploit.
Most of the exploit you download from Exploitdb or vulndb are written in c or python or perl. You just need to execute the program with right IP address and information.
Congratulation you successfully infiltrated the network.
Countermeasure and Safety Tips
- Keep all your software up to date. to be safe from Network hacking.
- Always implement a firewall.
- Update your Anti-virus.
- Always scan your system for viruses and Malware.