Exploit the possiblities


Posted Aug 17, 1999


tags | paper
MD5 | cd379ff35a623341947b39879a1a4d16


Change Mirror Download
<TITLE>The Hack FAQ: Attack Basics</TITLE>
<LINK REL="next" HREF="hackfaq-3.html">
<LINK REL="previous" HREF="hackfaq-1.html">
<LINK REL="contents" HREF="hackfaq.html#toc2">
<BODY BGCOLOR="black" VLINK="gray" TEXT="white" LINK="gray" HLINK="red">
<A HREF="hackfaq-3.html">Next</A>
<A HREF="hackfaq-1.html">Previous</A>
<A HREF="hackfaq.html#toc2">Contents</A>
<H2><A NAME="attackbasics"></A> <A NAME="s2">2. Attack Basics</A></H2>

<H2><A NAME="ss2.1">2.1 What are the four steps to hacking?</A>

<P>While there is no hard and fast rule to hacking, most system intrusions can
be divided into four steps. Depending on techniques involved, there could be
less or more, but you should get the basic idea.
<LI> Learn as much as possible about your target before the attack. The
techniques involved can be passive to bordering on mini-attacks themselves.
And plan out your goals. Using your knowledge gained develop a plan, no matter
how small or quick the hack is.</LI>
<LI> Initial access to the system. No doubt about it, this is the real attack
part. This could be anything from ftp access to a sendmail bug to logging in
as a "regular" user. It should either create an opportunity for indirect or
direct access.</LI>
<LI> Full system access. At this level most goals developed can be carried
out -- password file retrieved for cracking, trojan installed, secret file
copied, etc. So this stage usually involves either taking advantage of a bug
that allows higher priviledges to be obtained, taking advantages of misconfigured
system parameters, or a combination of both.</LI>
<LI> Tracks are covered and backdoors installed. System logging is doctored
to remove traces of the attack and what was done during the attack, and either
defenses are lowered or files are tampered with to allow quicker and easier
access. Some experienced hackers even patch the system to keep less experienced
hackers out of the system (who might possibly tip off a Sys Admin through
clumsiness). Once step four is complete, hackers will refer to this system
being owned.</LI>
<P>Of course some steps might be repeated, especially step two. Or maybe an entire
series of mini "1 2 3 4" "1 2 3 4" attacks are used in concert to obtain access
to a system or achieve a goal.
<A HREF="hackfaq-3.html">Next</A>
<A HREF="hackfaq-1.html">Previous</A>
<A HREF="hackfaq.html#toc2">Contents</A>


RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    16 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    16 Files
  • 23
    Feb 23rd
    31 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By