How to hack the network Server
In our first hacking preparing session we had learn how to prepare for a Hack such as what are the language skills are required, how to select the tools and targets. In this session we are going to look how to things you should take care while and after hacking a target. Here we are going to look How to hack the network Server, how to hack a network computer, How to get into the target, how to gain access, how crate backdoor and how to clear the tracks are the topics in this session.
1) Secure yourself.
Before you start the hack you should make sure you are not going to race back. Meantime you must make sure that you have understood all techniques to make safe yourself.
If you are going to attack the target or network with permission as a White Hat Hacker, you should get the permission in writing. This will help you that you are a authorize person to attack and check the security level. When it’s a white hat hack make sure you are not using any illegal or crack software, in a commercial environment this type of software are put you in trouble.
But if you are a Black Hat hacker no matter what are you going to use and what will be the impact of the attack. Before start the attack. If you use the VPNs you can make sure you are in safe.
2) Analysis the objective.
When you are ready to attack the system you or network you can use the ping command to check the availability of the network. When you get the positive reply mean the target is active and live. But the result cannot be trusted all times. Because some the Administrator can shut or disable the ICMP reply facility.
3) Use terminal for commands.
There are several command line terminals are available and most of them are open source. You can download and use those without any problem. Nmap, Cygwin,WinPCap are some. Cygwin will support for windows users also. But Nmap useWinPCap to runs on Windows.You can use Linux or BSD which are more flexible and most of them are with may preinstalled useful tools
4) Identify the OS.
Before start the attack you must identify the target and Os. You can scan the ports using nmap and select the open ports. When you got in to the open port you can open the machine and get the details of the OS using the nmap tool with –O, after that you can easily get the details of switch and it will give all the details of the Firewall and routers they are using and you can plan an action.
5) Locate an open port.
Usually the ports which are using frequently such as HTTP (80), FTP (21) well protected by the System Admin and keep those ports are locked. But hackers use take advantage on the other ports to get into the system. Try other TCP, UDP ports those are forgotten by most. Telnet or UPD ports which are using for LAN gaming and sometimes left open
6) Crack the authentication process.
We can crack the passwords in several ways such as bruteforce or Dictionary attack. When you select the bruteforce attack on a site or system the password is an effort to try every possible password contained in the dictionary.
But when you use the bruteforce attack you must consider that the systems encourage the users to use a hard password. So it will take time to crack the passwords. Most of the hashing algorithm is weak you can improve the cracking speed to cut thas in segments. If the MD5 has you can cut pieces you increase the speed.
Some tools are using GPU (Graphic Processor) which is thousand time faster than the normal system processor.
7) Get the super-user privileges.
Once you got into the system always try to get root privilege (Super Admin) when if it’s a Linux machine target *nix or Windows get the access of Administrator. Most of the information that will be of critical curiosity is sheltered and you need a certain level of authentication to get that. if you want to see all the important files on a system attacker must need super-user privileges.
8) Use diverse tricks to get The Super user account.
Hacker use several tactics to gain the super user access like creating Buffer Overflow, which cause the memory to dumb and that allow the attacker to inject the code or perform a task at a higher level than you’re normally authorized.
9) Create a backdoor.
When attacker succeeded to hack and get the access of full control over the system, must make sure that come back again without any delay or problem. It can be done through a backdoor. Sometimes it may be removed when the system admin upgrade the services. But a well experienced hacker can make the backdoor compile itself
10) Cover your tracks.
After finishing all the JOBs you must make sure that the administrator won’t get alarm on that the system is compromised. For that don’t change any single thing in the target to don’t produce any unnecessary additional file or users in the target act as quick as possible. Once you pack the server with SSHD or other way you must make sure the secret password is encrypted and hardcoded and when any one tries to login using the password system should let them in but not contain any sensitive information.