Footprinting and Reconnaissance

Hello Peeps!!!

Today I’m going to talk about Footprinting and Reconnaissance.

Footprinting, also known as Reconnaissance, is the most important part of hacking. Reconnaissance is the first step before an attack on a network, application or system.



What is Footprinting?

Footprinting is the process of collecting as much information as possible about a target network or system in order to identify the various ways to intrude into an organization’s network. It gathers all publicly available sensitive data, using several types of tools and methodologies.

Footprinting lets attackers learn the external security posture and flaws of the target organization. It narrows the attacker’s focus to a specific range of IP addresses, networks, domain names, etc. It lets the attacker identify vulnerabilities and understand the outline of the target organization’s network infrastructure.

Objectives of Footprinting

Collect network information (Domain name, IP address, Private Websites, VPN points, Authentication mechanisms, Network Protocols)

Collect system information (Users and group names, System banners, Routing tables, Passwords, Remote system types)

Collect organization information (Employee details, the organization’s web site, security policies, background of the organization)

How can we do Footprinting?

Footprinting through Search Engines

Attackers use search engines to extract information about the target system or organization, such as technology platforms, employee details, login pages, etc.

Search engines include Google, Yahoo, Bing, etc. Using several tools, such as Netcraft and SHODAN, we can identify the operating systems used in the organization.

Google Earth, Google Maps, Bing Maps, social networking sites (Facebook, Twitter), Any Who, People Smart, Private Eye, Veromi and US Search applications and web sites can be used to identify location and people information.

Google Finance and Yahoo Finance give the market value of an organization’s shares, company profile, competitor details, etc.

We can gather a company’s infrastructure details from job postings, and gather information using groups, forums and blogs.

Footprinting using advanced Google hacking techniques


Complex query strings extract sensitive or hidden information and help to find vulnerable targets. This technique uses advanced Google search operators (link, info, site, inurl, cache, etc.) to locate specific strings of text within search results.

The most valuable database is the Google Hacking Database. It provides a lot of searching techniques for gathering information.


Website Footprinting

Website footprinting refers to monitoring and analyzing the target organization’s web site for information. We can use tools such as Wireshark and Burp Suite to capture the traffic. Web spiders (GSA Email Spider, Web Data Extractor) perform automated searches on the target website and collect specified information such as employee names, emails, etc.

We can also download (mirror) the target website. This assists in finding the directory structure and other valuable information from the mirrored copy without sending requests to the original web server. Tools include HTTrack, SurfOffline, BlackWidow, PageNest, Website Ripper Copier, GNU Wget, etc.


Email Footprinting

Many tools can gather information from emails; for this we use email tracking tools such as Yesware, Zendio, Contact Monkey, Pointofmail, WhoReadMe, etc.

Competitive Intelligence

Competitive intelligence gathering is the process of identifying, gathering, analyzing, verifying and using information. Here we check when the company began, how it developed and what the organization’s plans are.

Whois, DNS and network footprinting can also be done. Eavesdropping, shoulder surfing and dumpster diving are also used to gather information. I will explain these terms in another blog post.

Footprinting Tools

Maltego, Recon-ng, FOCA, TcTrace, Netmask, Binging, DNS-Digger, TinEye, Robtex, MetaGoofil, Wikto


How to prevent Footprinting?

  • Restrict employees’ access to social networking sites from the organization’s network.
  • Configure the web servers to mitigate information leakage.
  • Educate the employees in the company about social engineering attacks and risks.
  • Do not reveal critical data in any papers, annual reports or product catalogs.
  • Use footprinting techniques to discover and remove any sensitive data in the organization.
  • All stored data must be encrypted and all communication must go over the HTTPS protocol.
  • Enforce the security policies and distribute them to employees.
  • Disable directory listings on the web servers.
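
To make the web-server items in the list above concrete, here is an added example (not part of the original post) that audits a raw HTTP response from your own server for version banners, directory listings and a missing HSTS header. The two sample responses are constructed, and the finding names and the choice of HSTS as the HTTPS signal are assumptions of this example.

```python
import re

# Constructed sample responses (not captured from any real server).
LEAKY = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.1 (Unix)\r\n"
    "X-Powered-By: PHP/7.4.3\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html><head><title>Index of /backup</title></head>"
    "<body><h1>Index of /backup</h1></body></html>"
)
HARDENED = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache\r\n"
    "Strict-Transport-Security: max-age=31536000\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html><head><title>Welcome</title></head><body>Home</body></html>"
)

VERSION = re.compile(r"\d+\.\d+")                     # version number in a banner
LISTING = re.compile(r"<title>\s*Index of /", re.I)   # auto-generated index page title

def audit_response(raw):
    """Return a sorted list of finding codes for one raw HTTP response."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:               # skip the status line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip() # header names are case-insensitive
    findings = set()
    for name in ("server", "x-powered-by"):
        if VERSION.search(headers.get(name, "")):
            findings.add("banner-version:" + name)    # software version is disclosed
    if LISTING.search(body):
        findings.add("directory-listing")             # directory listing is enabled
    if "strict-transport-security" not in headers:
        findings.add("no-hsts")                       # HTTPS is not enforced via HSTS
    return sorted(findings)

if __name__ == "__main__":
    for label, raw in (("leaky", LEAKY), ("hardened", HARDENED)):
        print(label, audit_response(raw))
```

Each finding maps to one item in the list: banner versions to information leakage, the index page to directory listings, and the missing header to the HTTPS requirement.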


That’s all about Footprinting. I will bring an interesting topic next time.

Keep In Touch !!!

S!N3TH
