The Hack FAQ

2.0 Attack Basics

2.1 What are the four steps to hacking?

While there is no hard and fast rule to hacking, most system intrusions can be divided into four steps. Depending on techniques involved, there could be less or more, but you can get the basic idea.

  1. Learn as much as possible about your target before the attack. The techniques involved can be passive to bordering on mini-attacks themselves. And plan out your goals. Using your knowledge gained to develop a plan, no matter how small or quick the hack is.
  2. Initial access to the system. No doubt about it, this is the real attack part. This could be anything from FTP access to a sendmail bug to logging in as a "regular" user. It should create an opportunity for either indirect or direct access.
  3. Full system access. At this level, most goals developed can be carried out: password file retrieved for cracking, trojan installed, secret file copied, etc. This stage usually involves either taking advantage of a bug that allows higher priviledges to be obtained, taking advantages of misconfigured system parameters, or a combination of both.
  4. Tracks are covered and backdoors installed. System logging is doctored to remove traces of the attack and what was done during the attack, and either defenses are lowered or files are tampered with to allow quicker and easier access. Some experienced hackers even patch the system to keep less experienced hackers out of the system (who might possibly tip off a administrator through clumsiness). Once step four is complete, hackers will refer to this system as being owned.

Of course, some steps might be repeated, especially step 2. Or maybe an entire series of mini "1-2-3-4-1-2-3-4" attacks are used in concert to obtain access to a system or achieve a goal.

Top | Next: Account Basics | Previous: Administrivia | Table of Contents