Ethical Hacking | Footprinting
Footprinting means gathering information about a target system that can be used to execute a successful cyber attack. To get this information, a hacker might use various methods and a variety of tools. This information is the hacker’s first step toward cracking a system. There are two types of footprinting:
- Active Footprinting: Active footprinting means performing footprinting by interacting directly with the target machine.
- Passive Footprinting: Passive footprinting means collecting information about a system located at a remote distance from the attacker.
Different kinds of information that can be gathered from Footprinting are as follows:
- The operating system of the target machine
- IP address
- Network map
- Security configurations of the target machine
- Email IDs and passwords
- Server configurations
Sources are as follows:
- Social Media: Most people tend to share much of their information online, and hackers make heavy use of this sensitive information. They may create a fake account that looks real in order to be added as a friend, or to follow someone’s account and collect their information.
- Job websites: Organizations share some confidential data on many job websites like monsterindia.com. For example, a company posts on a website: “Job Opening for Lighttpd 2.0 Server Administrator”. From this, it can be inferred that the organization uses the Lighttpd web server, version 2.0.
- Google: Search engines such as Google can perform far more powerful searches than most people realize or have ever tried. Hackers and attackers can use them for what has been termed Google hacking. Basic search techniques combined with advanced operators can do great damage. Search operators such as “inurl:”, “allinurl:”, “filetype:”, etc. are available.
For example, devices connected to the Internet can be found. A search string such as inurl: “ViewerFrame?Mode=” will find public web cameras. The “link:” search operator that Google used to have has been turned off as of 2017.
Google can be used to uncover many pieces of sensitive information that shouldn’t be revealed. A term even exists for the people who blindly post this information on the internet: they are called “Google Dorks”.
- Social Engineering: There are various techniques that fall in this category. A few of them are:
  - Eavesdropping: The attacker tries to record the target victim’s personal conversations with someone, held over a communication medium such as the telephone.
  - Shoulder Surfing: In this technique, the attacker tries to capture the victim’s personal information, such as email ID and password, by looking over the victim’s shoulder while he/she is entering (typing/writing) personal details for some work.
- Archive.org: An archived version is an older version of a website, from a time before many of its features were changed. archive.org is a website that collects snapshots of all the websites at regular intervals. It can be used to get information that no longer exists on the site but existed before.
- An Organization’s Website: It’s the best place for an attacker to begin. If an attacker wants to look for open-source information, that is, information freely provided to clients, customers, or the general public, then the best option is simply the organization’s website.
- Using NeoTrace: NeoTrace is a powerful, well-known GUI route tracer program for getting path information. Its graphical display shows the route between you and the remote site, including all intermediate nodes, and for each node it also shows information such as IP address, contact information, and location.
- Whois: This is a website that serves a good purpose for hackers. Through it, information about a website such as the domain name, email ID, domain owner, etc. can be traced. Basically, this serves as a way of website footprinting.
Advantages of footprinting are as follows:
- Footprinting allows hackers to gather the basic security configurations of a target machine along with network route and data flow.
- Once the attacker finds the vulnerabilities, he/she focuses on a specific area of the target machine.
- It allows the hacker to identify which attack is best suited to hack the target system.
Countermeasures are as follows:
- Avoid posting confidential data on social media websites.
- Avoid accepting unwanted friend requests on social media platforms.
- Promote education about various hacking tricks.
- Use footprinting techniques to identify and remove sensitive information from social media platforms.
- Configure web servers properly to avoid leaking information about system configuration.
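An added example (not from the original article) for the web-server countermeasure above: a check a defender can run over response headers captured from their own server to find the version banners that footprinting collects. The function names and both sample responses are constructed for illustration.

```python
import re

# Response headers that commonly carry software banners.
DISCLOSING = ("server", "x-powered-by", "x-generator")
# Product token followed by a dotted version, e.g. "lighttpd/1.4.59".
VERSION_RE = re.compile(r"([A-Za-z][\w.+-]*)[/ ]v?(\d+(?:\.\d+)+)")
# Settings that suppress or genericise each banner.
HINTS = {
    "lighttpd": 'lighttpd.conf: server.tag = "web"',
    "nginx": "nginx.conf: server_tokens off;",
    "apache": "httpd.conf: ServerTokens Prod",
    "php": "php.ini: expose_php = Off",
}

def parse_headers(raw):
    """Return (lowercased name, value) pairs from a raw HTTP response head."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    pairs = []
    for line in head.split("\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def version_leaks(raw):
    """Return (header, product, version, hint) for every version banner found."""
    leaks = []
    for name, value in parse_headers(raw):
        if name not in DISCLOSING:
            continue
        for product, version in VERSION_RE.findall(value):
            hint = HINTS.get(product.lower(), "remove or genericise this header")
            leaks.append((name, product, version, hint))
    return leaks

# Constructed sample responses: default banners, then after hardening.
BEFORE = ("HTTP/1.1 200 OK\r\nServer: lighttpd/1.4.59\r\n"
          "X-Powered-By: PHP/8.1.2\r\nContent-Type: text/html\r\n\r\n<html>")
AFTER = "HTTP/1.1 200 OK\r\nServer: web\r\nContent-Type: text/html\r\n\r\n<html>"

if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER)):
        print(label, version_leaks(raw) or "no version banners")
```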