In the previous weeks we have dedicated the topic of the blog to explaining the phases of ethical hacking. Making a brief summary, we have talked about the first three phases:
- Footprinting or recognition, In this phase we collected the data on the target of the attack to find the best way to access their system.
- Scanning and enumeration, this phase consists of two parts, where we used the information collected in phase 1 to explore the network and enumerate and identify the information collected and the ways to attack the target.
- Get access, in this phase exploit vulnerabilities discovered during the previous phases and is one of the most damaging phases within the ethical hacking cycle.
Well, this week we are going to talk about the last two phases: Maintain access and Erase Fingerprints. If you want to learn each of the phases in detail and become a complete expert sector professional, train with our Master in Cybersecurity Management, Ethical Hacking and Offensive Security and stand out from the others.
Maintain access
Being able to maintain access to a system could be the hardest part and possibly the more important of all phases. The hacker secures access to the rootkits and trayans and uses them to launch additional attacks on the network.
Having access to database locations and certain repositories can give the “hacker” personal information, intellectual property, trademark secrets and source codes affiliated with different types of programs or applications that the company has developed. Therefore, depending on the hacker's motives, maintaining access creates many possibilities.
In short, after the effort and time spent in reaching this phase, maintain access is the most important phase for the information theft to be successful. In addition to the risks and the work to avoid being detected, the ethical hacker will try to maintain access to his target until the tasks he wanted to perform are completed.
Erasing fingerprints
Finally we arrive at the last phase within the ethical hacking cycle, where after having come this far, the hacker will take all necessary measures to cover his tracks and ensure that he cannot be located.
A example What the “hacker” must do to leave no trace in the systems is:
- Clear cache and cookies.
- Modify registry values.
- Delete sent emails if any.
- Close all open ports.
- Uninstall the applications you used to achieve your goals.
In summary, after these four weeks we have seen a brief step by step of ethical hacking. We hope you liked it!