In recent weeks we have talked about two of the five phases of Ethical Hacking. If you want to learn in detail everything about the ethical hacking, we recommend you train with our Master in Cybersecurity Management, Ethical Hacking and Offensive Security in EIP.
The first phase was Footprinting or reconnaissance, where we would collect data on the target to find a way to get into their system and the second phase It was him Scanning and enumeration, where we used all the information collected in the first phase to scan the network and list and identify the scanned information and ways to attack the target.
Third phase of Ethical Hacking: Obtain Access
This week we are going to talk about the third phase, Get access, It is one of the most exciting phases of hacking, taking advantage of the vulnerabilities found in the previous phases, the access to the system or target.
Obtaining access is one of the most “harmful” within the ethical hacking cycle. During this phase the “hacker” Do as much damage as possible with attacks such as ransomware, viruses, worms, spyware, keyloggers, and rootkit installation.
Furthermore, once inside the system, the hacker will try get the most valuable information, its success will depend on many factors, for example, the privileges of the users can be decisive for the “hacker” to be able to access it since it may be restricted by permissions, thus preventing access from being achieved.
The hacker will always try to find a user within the system with administrative permissions to try to replicate your profile. If you achieve this, you will be able to access any place on the network and deploy any type of malware.
In summary
Vulnerabilities discovered during the reconnaissance and scanning/enumeration phase are exploited to get access.
The connection method that the hacker uses for an exploit can be through a local area network (via cable or Wi-Fi), locally with a computer or through the Internet.
After gaining access to a system, the hacker must increase his or her privileges to the administrator level in order to gain access to the system. install the application you need, modify data or hide your trace.