I am starting my tune today by wishing everyone in Tech2Time. In fact, there is more or less an emphasis on hacking. But hacking is no longer hacking. There is a lot of burning of wood straw behind this. If you want to be a real hacker, you have to spend time and talent equally. There are many tunes on hacking in Tech2Time. They are also very useful. But the basics of hacking are rarely mentioned. There are only a few tips taught. But to be a real hacker you have to start a long time ago. Today I will discuss a few steps in that regard. In fact, there are many good hackers in Bangladesh. My greetings to them. If there is any mistake in my writing, please look at it with a forgiving look and correct the mistake.
In fact, hacking with keyloggers, or different software, is also a form of hacking, but they are not equally effective in all cases. Therefore, to learn real hacking, you need to have a good knowledge of networking, programming, web hosting, remote access, IP networking and many more, although I myself do not understand the issues at all. However, I am sharing with you as much as I understand. But never mistake it for a hacking technique. Because, it's just a theme or basic for your hacking. In it you will know all the steps. You can do some work yourself. However, understanding a lot of things from here, you need to find out about their use by searching on Google.
Let's take a look at the first few steps of real hacking.
- 1. Gather some specific information
- 2. Scanning the port
- 3. Extract all the information of the target operating system
- 4. Finding fault in the system
- 5. Preparing for a system attack
- . Attacking the system
- . At the end of it all, implement what you want
Data collection
First find out the IP of the website or system you want to hack. This is the most important work. To do this, open a command prompt and type:
ping yoururl.com
Then enter. See if you have got the IP of your website. Then gather detailed information about this IP. Collect all information about the website (such as the owner's email, site services, contact numbers, etc.). These can come in handy later. Then go to this address for all the information including the email of the owner of this domain, domain company, enter your target URL and search.
Then you can go to this address to know the location of the IP address . Anyway, try to find out all the information you need about him with Google search.
Port scanning
Port scanning is the process of finding the way to access the operating system or website. Suppose you steal a house, then you must know which door is open when you enter that house or from which direction it is convenient to enter. This is how it is. This is basically to find out which way is easier or weaker where you will attack. For this you can use any expensive port scanner or you can also use any free software. Its job is to find out which ports on a system are open or closed or running. You can use NMAP or SUPERSCAN software for this purpose. If you reply to UP from that port while scanning the port with NMAP, then you know that the port is running. Download this software with Google search. Then start working. If you do a Google search on its use, you will find many tutorials.
To find the port of your PC, go to Command Prompt and type:
Netstat –no
Then enter. You will see that the ports of your PC are working. Go here to download NMAP .
Information about the operating system
For hacking, you must know the information about the victim's operating system. For example, Victim uses no operating system. Windows or Linux or Unix or Mac? Then you need to find out the version of the operating system. For example, if you use Windows, what is the version, that is, Windows 7, or 8 or XP? If you want to run an accurate attack, you must know about these. If you do not know, you will not be able to access the remote system properly. The tools that are common for this purpose are: NMAP, Netscantool pro etc. Try to collect these with Google search. I hope you will get it very easily.
Finding fault in the system
That is, finding out where a system has flaws or weaknesses. Almost all systems have problems somewhere. It could be a programming problem, a software problem, etc. Now at this stage our job will be to find those problems in the system. To see which port of the system is open or running and to collect detailed information about that port. You can use many tools for this. However, Nessas, Nikto, Core Impact these tools are very good tools for this work. You can see how to use them from different sites on Google.
Final preparation and attack of system attack
At this stage, you have to prepare for the final attack of any system or website attack. For this , you need to find the Apache of the port that has the weakness of the port by searching for the weakness of your system . To find out, type in the command prompt:
telnet your target ip or url port
Or, an example:
telnet 10.127.25.32 80
(Assuming your target IP is 80, enter the port you will find the weakness.)
Type it and press Enter. You see, in the 2nd line you have got your desired object. Now you need to download the exploit code for your Apache and port. This code is some source code or command to run an attack according to the specific weakness of a system. To download it, do a Google search and download and compile it. Diameter, all work done. Now run the attack using this code. It is not possible to say the details of the attack. I will try to say in a tune later. And you can find out how to attack with an exploit code with a Google search. You can also watch YouTube videos.
To search for exploit code
Installing a tool on a remote system and taking full access to the system
This time I assume that you have successfully attacked and gained control of the remote system. What next? You can do as much as you want. Users can steal browsing cookies. You can take the passwords. You can install a keylogger or trojan on the PC for further access. Or you can delete all the log files of that PC or you can copy any file. You can do whatever you want.
However, there is a desire to write more about this later. I will write more if I get a good response.
Thanks everyone. All will be well.
Post a Comment