1
00:00:00,360 --> 00:00:04,770
Hello, everyone, welcome back again with a new video on ethical hacking.

2
00:00:05,190 --> 00:00:12,030
In previous videos, I have discussed all about what is hacking types of hackers and many more things.

3
00:00:12,780 --> 00:00:19,530
Hackers are generally intelligent individuals with good computer skills and with the ability to create

4
00:00:19,530 --> 00:00:22,220
and exploit the computer software and hardware.

5
00:00:22,470 --> 00:00:28,230
Their intention could be either to gain knowledge or to dig around to do illegal things.

6
00:00:28,830 --> 00:00:35,620
Attackers are motivated by a desire to know more, while malicious attackers would intend to steal data.

7
00:00:36,000 --> 00:00:41,070
In general, there are five phases in which an intruder advances and attack.

8
00:00:42,020 --> 00:00:51,920
Phase one, reconnaissance, phase two, scanning, phase three, gaining access, phase four, maintaining

9
00:00:51,920 --> 00:00:55,160
access, and phase five, covering tracks.

10
00:00:56,030 --> 00:01:00,080
Let's discuss first phase reconnaissance detail.

11
00:01:00,110 --> 00:01:06,230
Reconnaissance also stands for information gathering, which means gathering any information about our

12
00:01:06,230 --> 00:01:12,470
target, which involves network scanning, either internal or external, without authorization.

13
00:01:13,070 --> 00:01:20,600
This is the phase that allows the potential attacker to strategize his or her attack in simple words

14
00:01:20,870 --> 00:01:25,350
in this phase, which tries to gather information about our target.

15
00:01:25,580 --> 00:01:33,440
So if our target is a Web site, then we can find an information about the IP address of that website.

16
00:01:33,950 --> 00:01:40,700
The website is hosted on which server, what kind of frameworks are used in order to build that Web

17
00:01:40,700 --> 00:01:41,870
site, etc..

18
00:01:42,500 --> 00:01:48,830
Once we complete with the first phase, then we will directly jump into the second phase, which is

19
00:01:48,920 --> 00:01:51,170
scanning in scanning phase.

20
00:01:51,290 --> 00:01:58,210
We actually scan each and every component of the system or the website in order to find vulnerabilities.

21
00:01:58,760 --> 00:02:06,440
So once we find the vulnerability, then the next step is to exploit that vulnerability, which means

22
00:02:06,530 --> 00:02:09,790
in order to take access of that system or our website.

23
00:02:10,460 --> 00:02:17,210
So once we found the vulnerability, then we will try to take the excess of the system by exploiting

24
00:02:17,210 --> 00:02:18,140
that vulnerability.

25
00:02:18,830 --> 00:02:23,480
So in the third phase, we are actually gaining access.

26
00:02:23,480 --> 00:02:30,410
And once we are inside the system, once we are successfully exporting that system, then first step,

27
00:02:30,530 --> 00:02:34,570
which one have to perform is we have to first make a backdoor.

28
00:02:35,450 --> 00:02:37,190
But what is better?

29
00:02:37,820 --> 00:02:39,080
Just what an example.

30
00:02:39,530 --> 00:02:44,390
We are inside one system and somehow we lost access from that system.

31
00:02:44,730 --> 00:02:50,210
Now what we can do, we are not able to get into the system back.

32
00:02:51,250 --> 00:02:54,400
Do we really need to perform the whole process again?

33
00:02:54,910 --> 00:02:56,570
No, I don't think so.

34
00:02:57,040 --> 00:03:00,830
I mean, you can do that, but we are going to be a smart hacker.

35
00:03:01,330 --> 00:03:07,990
So the first process is that once we are inside the system, we try to maintain our control on that

36
00:03:07,990 --> 00:03:08,490
system.

37
00:03:08,680 --> 00:03:15,610
So in order to maintain our access, we can generate our own vulnerabilities by changing some code of

38
00:03:15,610 --> 00:03:22,690
the system so that we can come back into the system whenever we want in order to take access.

39
00:03:23,140 --> 00:03:27,660
So this is what we can do in maintaining access fees.

40
00:03:28,240 --> 00:03:35,470
So once we complete our fourth phase, which is maintaining the access, once we exploit the system,

41
00:03:35,650 --> 00:03:41,190
then the last step is clearing tracks, which means clearing our records.

42
00:03:41,200 --> 00:03:49,900
So what we can do is we can even lift the log files, we can clear the histories even we can change

43
00:03:49,900 --> 00:03:51,730
their registry setting also.

44
00:03:52,420 --> 00:03:55,090
So, guys, these are the five phases.

45
00:03:55,300 --> 00:03:59,320
First one is reconnaissance in which we find the information.

46
00:03:59,380 --> 00:04:05,410
Then the second one is scanning in which we scan the system and find the vulnerabilities.

47
00:04:05,650 --> 00:04:11,140
Then the third is gaining access in which we try to exploit the system.

48
00:04:11,420 --> 00:04:18,730
The fourth one is maintaining access in which we can make a backdoor so that we can come back into the

49
00:04:18,730 --> 00:04:21,060
system in order to take access.

50
00:04:21,670 --> 00:04:27,530
Then the last step is clearing tracks in which we have to clear our footprints.

51
00:04:28,060 --> 00:04:33,890
So these are the five faces which one have to follow to perform a successful hack.

52
00:04:34,600 --> 00:04:36,880
Thank you for watching this video by.