Exploit the possiblities


Posted Aug 17, 1999


tags | paper
MD5 | cd379ff35a623341947b39879a1a4d16


Change Mirror Download
<TITLE>The Hack FAQ: Attack Basics</TITLE>
<LINK REL="next" HREF="hackfaq-3.html">
<LINK REL="previous" HREF="hackfaq-1.html">
<LINK REL="contents" HREF="hackfaq.html#toc2">
<BODY BGCOLOR="black" VLINK="gray" TEXT="white" LINK="gray" HLINK="red">
<A HREF="hackfaq-3.html">Next</A>
<A HREF="hackfaq-1.html">Previous</A>
<A HREF="hackfaq.html#toc2">Contents</A>
<H2><A NAME="attackbasics"></A> <A NAME="s2">2. Attack Basics</A></H2>

<H2><A NAME="ss2.1">2.1 What are the four steps to hacking?</A>

<P>While there is no hard and fast rule to hacking, most system intrusions can
be divided into four steps. Depending on techniques involved, there could be
less or more, but you should get the basic idea.
<LI> Learn as much as possible about your target before the attack. The
techniques involved can be passive to bordering on mini-attacks themselves.
And plan out your goals. Using your knowledge gained develop a plan, no matter
how small or quick the hack is.</LI>
<LI> Initial access to the system. No doubt about it, this is the real attack
part. This could be anything from ftp access to a sendmail bug to logging in
as a "regular" user. It should either create an opportunity for indirect or
direct access.</LI>
<LI> Full system access. At this level most goals developed can be carried
out -- password file retrieved for cracking, trojan installed, secret file
copied, etc. So this stage usually involves either taking advantage of a bug
that allows higher priviledges to be obtained, taking advantages of misconfigured
system parameters, or a combination of both.</LI>
<LI> Tracks are covered and backdoors installed. System logging is doctored
to remove traces of the attack and what was done during the attack, and either
defenses are lowered or files are tampered with to allow quicker and easier
access. Some experienced hackers even patch the system to keep less experienced
hackers out of the system (who might possibly tip off a Sys Admin through
clumsiness). Once step four is complete, hackers will refer to this system
being owned.</LI>
<P>Of course some steps might be repeated, especially step two. Or maybe an entire
series of mini "1 2 3 4" "1 2 3 4" attacks are used in concert to obtain access
to a system or achieve a goal.
<A HREF="hackfaq-3.html">Next</A>
<A HREF="hackfaq-1.html">Previous</A>
<A HREF="hackfaq.html#toc2">Contents</A>


RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2016 Packet Storm. All rights reserved.

Security Services
Hosting By