How to do Network Hacking | Beginner's Guide

In this article, we're going to look at network hacking: how it is done, and the countermeasures against it.

Note: For educational purposes only.

We're going to learn about:

  1. Footprinting
  2. Port scanning
  3. Banner Grabbing
  4. Searching for Vulnerabilities
  5. Penetrating

So let’s start with,

Footprinting

In this phase, the hacker gathers information about the computer systems and the entities they belong to. This collected information will help the hacker later to perform an attack on the system. They can get this information using various tools and methods.

First, the hacker will look for names and email addresses on the website or on the network. The email can help the hacker to perform any type of social engineering attack.

Next, the hacker will find the IP address of the system or the network. Then he will ping the IP address to see if it’s responding or not.

The next step is a WHOIS lookup of the IP address. One can get a lot of information from a WHOIS lookup of the IP address.

The next thing the hacker will check is the robots.txt file on the website. For those who don't know what robots.txt is: it lists the directories and pages that the website asks search-engine crawlers to stay out of, which are often the ones the website wants to keep out of public view. So one can find some valuable pages or information in the robots.txt file.
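Seen from the site owner's side, the same file can be reviewed before it is published. The following is an added example, not part of the original article: it parses a robots.txt and reports Disallow entries that look sensitive. The keyword list and the sample file are assumptions constructed for illustration.

```python
import re

# Keywords a reviewer might treat as sensitive (assumed list, tune per site).
SENSITIVE = re.compile(r"admin|backup|config|private|login|\.sql|\.bak|staging", re.I)

def review_robots(text):
    """Return (user_agent, path) pairs whose Disallow path looks sensitive."""
    findings = []
    agents = []          # user-agents of the group being read
    in_rules = False     # True once the group has seen a rule line
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()    # drop comments
        if ":" not in line:
            continue
        field, value = (p.strip() for p in line.split(":", 1))
        field = field.lower()
        if field == "user-agent":
            if in_rules:                       # a new group starts here
                agents, in_rules = [], False
            agents.append(value)
        elif field in ("disallow", "allow"):
            in_rules = True
            if field == "disallow" and value and SENSITIVE.search(value):
                findings.extend((ua, value) for ua in agents)
    return findings

# Constructed sample file, not taken from any real site.
SAMPLE = """\
User-agent: *
Disallow: /admin/
Disallow: /images/tmp/
Disallow: /backup/db.sql   # old dump

User-agent: Googlebot
Disallow: /staging/
Allow: /
"""

if __name__ == "__main__":
    for ua, path in review_robots(SAMPLE):
        print(f"{ua}: {path} is advertised to anyone who reads robots.txt")
```

robots.txt is a request to crawlers, not access control, so any path reported here needs authentication on the server rather than a Disallow line.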

Now that we have studied the basics of footprinting, let's move on to the next step.

Port Scanning

In port scanning, the hacker scans for different types of open ports on the network. Once the hacker has found all the services running on the network, they can search for vulnerabilities.

There is one famous tool for port scanning: Nmap. There are lots of tools for port scanning, but Nmap is the oldest and maybe one of the best.

You can install Nmap on your Linux or Windows machine. For Windows machines there is a GUI for this tool called Zenmap.

You can scan a network for all the open ports.

There are 65535 ports in total, and Nmap can scan all of them for you.
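A scan that walks through many ports leaves a recognisable pattern in firewall logs: one source touching many different ports on one host in a short time. The following is an added example, not part of the original article, that flags this pattern. The log format, threshold, window and sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed, simplified firewall log format: "<ISO time> <action> SRC=.. DST=.. DPT=.."
LINE = re.compile(r"^(\S+) \S+ SRC=(\S+) DST=(\S+) DPT=(\d+)$")

def detect_scans(lines, min_ports=5, window=timedelta(seconds=10)):
    """Return {(src, dst): [ports]} for sources that probe many ports quickly."""
    events = defaultdict(list)                  # (src, dst) -> [(time, port)]
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue                            # skip lines we cannot parse
        ts, src, dst, port = m.groups()
        events[(src, dst)].append((datetime.fromisoformat(ts), int(port)))

    alerts = {}
    for key, hits in events.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window so it never spans more than `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            if len({p for _, p in hits[start:end + 1]}) >= min_ports:
                alerts[key] = sorted({p for _, p in hits})
                break
    return alerts

# Constructed sample log (documentation address ranges, not real traffic).
DST = "192.0.2.10"
SAMPLE = (
    # one source touching six different ports within six seconds
    [f"2024-05-01T10:00:0{i} DROP SRC=203.0.113.7 DST={DST} DPT={p}"
     for i, p in enumerate([21, 22, 23, 25, 80, 443])]
    # an ordinary client that keeps using the same port
    + [f"2024-05-01T10:00:0{i} ACCEPT SRC=198.51.100.4 DST={DST} DPT=443"
       for i in range(3)]
    # five ports, but one per minute: outside the 10-second window
    + [f"2024-05-01T10:0{i}:00 ACCEPT SRC=198.51.100.9 DST={DST} DPT={p}"
       for i, p in enumerate([25, 80, 110, 143, 443])]
)

if __name__ == "__main__":
    for (src, dst), ports in detect_scans(SAMPLE).items():
        print(f"possible port scan: {src} -> {dst} ports {ports}")
```

The third source in the sample shows the limit of a short window: a scan spread over minutes is only caught when the window is widened, at the cost of more false positives.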

Some common port numbers are:

| Port | Service |
|------|---------|
| 20 | File Transfer Protocol (FTP) Data Transfer |
| 21 | File Transfer Protocol (FTP) Command Control |
| 22 | Secure Shell (SSH) Secure Login |
| 23 | Telnet remote login service, unencrypted text messages |
| 25 | Simple Mail Transfer Protocol (SMTP) E-mail routing |
| 53 | Domain Name System (DNS) service |
| 67, 68 | Dynamic Host Configuration Protocol (DHCP) |
| 80 | Hypertext Transfer Protocol (HTTP) used in the World Wide Web |
| 110 | Post Office Protocol (POP3) |
| 119 | Network News Transfer Protocol (NNTP) |
| 123 | Network Time Protocol (NTP) |
| 143 | Internet Message Access Protocol (IMAP) Management of digital mail |
| 161 | Simple Network Management Protocol (SNMP) |
| 194 | Internet Relay Chat (IRC) |
| 443 | HTTP Secure (HTTPS) HTTP over TLS/SSL |

Source: Wikipedia

Nmap can not only scan open ports for you, it can also tell you information about the operating system running on the server.

If you want to learn more about the Nmap CLI version, click here.

Now the hacker knows the services running on the server and their version information. Let's proceed to the next step.

Banner Grabbing

Now the hacker knows the services running on the network. In banner grabbing, the hacker tries to learn the software and version that each service is running.

There are lots of tools that can perform banner grabbing.

The most used and best tool for banner grabbing is telnet.

First, the hacker selects one of the open ports that were revealed in the port scanning.

Next, telnet connects to the target, and when the target responds it grabs the banner, which tells you the software name and version info.
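The same banners can be reviewed by the people who run the services, to see what each one gives away. The following is an added example, not part of the original article: it takes banners already recorded from your own hosts and reports which of them disclose a product and version. The banner strings are constructed samples and the matching pattern is an assumption that covers common SSH, FTP/SMTP and HTTP formats.

```python
import re

# A product name followed by a dotted version: OpenSSH_7.4, Apache/2.4.29, ProFTPD 1.3.5
VERSIONED = re.compile(r"([A-Za-z][\w.-]*?)[/_ ]v?(\d+(?:\.\d+)+[\w.-]*)")

def audit_banner(banner):
    """Return (product, version) if the banner discloses a version, else None."""
    text = banner.strip()
    if text.startswith("SSH-"):
        # SSH identification string: SSH-<protocol>-<software> [comments]
        text = text.split("-", 2)[-1]
    elif text.lower().startswith("server:"):
        text = text.split(":", 1)[1]            # HTTP Server response header
    elif re.match(r"\d{3}[ -]", text):
        text = text[4:]                         # drop the SMTP/FTP reply code
    m = VERSIONED.search(text)
    return (m.group(1), m.group(2)) if m else None

def audit_services(banners):
    """Map {port: banner} to a sorted list of (port, product, version) findings."""
    findings = []
    for port, banner in sorted(banners.items()):
        leak = audit_banner(banner)
        if leak:
            findings.append((port, *leak))
    return findings

# Constructed banners, as a review of your own hosts might record them.
SAMPLE = {
    21: "220 ProFTPD 1.3.5 Server (Debian)",
    22: "SSH-2.0-OpenSSH_7.4",
    25: "220 mail.example.com ESMTP Postfix",
    80: "Server: Apache/2.4.29 (Ubuntu)",
    8080: "Server: nginx",
}

if __name__ == "__main__":
    for port, product, version in audit_services(SAMPLE):
        print(f"port {port}: banner discloses {product} {version}")
```

Trimming a banner only removes the hint; the service behind it still has to be kept patched.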

Searching For Vulnerability

Now the hacker has information about the service and knows its software and version. Next, the hacker will search the internet for vulnerabilities and exploits related to that software and version.

There are lots of websites and tools for finding exploits. Let's see some of them.

  1. Exploit-DB
  2. Rapid7
  3. CVE
  4. VulnDB

There are many more websites and tools for finding exploits, and if you are a good coder you can write your own exploit.

Penetrating

Now that the hacker has found all the information and the right exploit to execute, they can just launch the exploit and penetrate the network.

If you have an exploit from Rapid7, then it can run on Metasploit.

Most of the exploits you download from Exploit-DB or VulnDB are written in C, Python or Perl. You just need to execute the program with the right IP address and information.

Congratulations, you have successfully infiltrated the network.

Countermeasure and Safety Tips

  1. Keep all your software up to date to be safe from network hacking.
  2. Always implement a firewall.
  3. Update your antivirus.
  4. Always scan your system for viruses and malware.
