Types of Ethical hacking

Now that we have discussed the various types of Hackers, let’s go over the different types of hacking. We can segregate hacking into different types depending on what the hacker is trying to achieve.

Website Hacking

Hacking a website means taking unauthorized control over a web server and its associated software such as databases and other interfaces.

How to Hack a Website?

Website hacking can take place by:

Hacking via online SQL injection
Hacking with basic HTML coding.
Hacking a website using online SQL injection

The following steps are followed to hack a website using SQL injection:

Step 1: Open google.com by using your system's Firefox and type in inurl: php?id= You will see a list of websites with dork php. Click on any of them.

Step 2: Insert an apostrophe at the end of the url to check if the website is vulnerable. If it says, “you have an error in your SQL syntax”, then it indicates that the website is most likely to be vulnerable and hence proceed.

Step 3: Remove the apostrophe and add order by 2—in order to see how many columns the website has and perhaps the most important work you have to do here. Keep testing with 3--, 4--, 5-- till you receive a message like “unknown column”.

Step 4: Delete the ‘12 order by‘ and replace with null union all select 1,2,3,4,5,6,7,8,9,10-- After the page loads, you will see a few numbers. Pick the top one. For instance, if it is 7 then replace 7 in the url with @@Version. It will show 5.092 community which is great as it means that the database version is over 5 (fundamentally meaning it can be hacked).

Step 5: Now replace @@version with group_concat(table_name) and after the last number, add from information_schema.tables where table_schema=database()--

Step 6: Replace both tables in the url with a column. You will get all the information the website has. Obtain those interesting to you, for example, username, full name etc. Replace column name with username,0x3a,pass and replace all the information tags with users--. You will get all the usernames and passwords associated with the website. If it says ‘unknown username and blank list', it means you have the wrong table, and you will have to go back and look for a different table. It could also mean that you can select another ways to hack a website, like the product.

Step 7: To log in you will have to google admin page finder and then click on the first link. Follow the instructions and get your own admin page finder login. Following this, login with any of the logins you have secured. Click on profile after it logs in and you will find all the details needed.

How to hack a website via basic HTML coding

If you possess basic HTML and JavaScript knowledge, you might just be able to access websites that are password protected. This last method will present to you easy steps on how to hack an account on any website less secured websites of your choice through HTML. Remember that this method only works for websites with very low security details.

Network Hacking

Hacking a network means gathering information about a network by using tools like Telnet, NS lookup, Ping, Tracert, Netstat, etc. with the intent to harm the network system and hamper its operation.

Footprint analysis or Reconnaissance: Footprint analysis or Reconnaissance is the first step typically performed by a network hacker. In Footprint analysis or Reconnaissance, hacker gathers information about the target network. Footprint analysis or Reconnaissance is to map the addresses, devices, operating systems, application running in the target network.

Footprint analysis or Reconnaissance helps attacker to tailor an attack plan to exploit known vulnerabilities configuration errors in the target network.

Attackers use many information which are available in the internet like DNS lookups to find the name and IP address of the target network, WHOIS information to find the contact details name server names etc.

Launch Attack: After performing Footprint analysis or Reconnaissance, hacker gain much information about the target network. The next step is to launch an attack on the target network based of the found vulnerabilities.

Escalate privileges: If the hacker gained access as an normal unprivileged user, then the next step to to escalate the user account to gain administrator-level privilege.

Jump to other servers and devices: Once the hacker is inside the internal network, then he can gain access to other devices inside. Collect additional information like applications running, operating systems, user ids, password etc.

Email Hacking

This includes gaining unauthorized access to an Email account and using it without taking the consent of its owner for sending out spam links, third-party threats, and other such harmful activities.

How does email get hacked?

The most common way email gets hacked are through phishing schemes. Phishing is usually done by sending out an email that looks legitimate and sends the recipient to a fake website and has them enter credentials to “verify” information, which is then stolen.

Mobile Hacking

Phone/Mobile Hacking is the practice of manipulating or gaining unauthorized access to mobile phones, for malicious purposes. There are two types of attack used in the mobile sector and these are:

SMS forwarding.
Bluetooth hacking.
Malicious Website clicking.
Malicious apps.

All of these provide a huge HACK value to an attacker when he/she exploits a mobile system for gaining access partially or at the root level.

Steps to hack an Android:

1. Use ‘msfconsole’ in the terminal to open the Metasploit framework in Kali Linux.

2. Look for the different set of exploits using the command ‘show exploits’ and find the useful exploit for Android.

3. Use ‘exploit meter preter reverse TCP’ to connect and set localhost and local port i.e. attacker IP and port. This will help in the generation of an apk extension file. (Refer to the image below).

4. Set the payload and set all values of LHOST and LPORT and exploit this payload so as to gain a meterpreter connection whenever the victim connects to the android.

5. Install Android x86 in VMware for mobile simulation.

6. Start the Apache service in the attacker profile and manipulate the victim to access, open and install your shared file.

7. is the installation is complete, the meter preter connection is established and the attacker gains access to the victim’s mobile system giving her/him access to all dump files, call history, messages, and even all personal data from the victim’s phone.

8. With different kinds of hacking access modes, the attacker can manipulate and spoof calls and messages from the victim’s phone. They can even access the victim’s phone camera without their knowledge.

Computer Hacking

A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network. Hackers may be motivated by a multitude of reasons, such as profit, protest, information gathering, challenge, recreation, or evaluation of a system weaknesses to assist in formulating defenses against potential hackers. The subculture that has evolved around hackers is often referred to as the "computer underground.

Longstanding controversy surrounds the meaning of the term "hacker". In this controversy, computer programmers reclaim the term hacker, arguing that it refers simply to someone with an advanced understanding of computers and computer networks[5] and that cracker is the more appropriate term for those who break into computers, whether computer criminals (black hats) or computer security experts (white hats). A 2014 article noted that "... the black-hat meaning still prevails among the general public"

Website Hacking

Hacking a website means taking unauthorized control over a web server and its associated software such as databases and other interfaces.

Email Hacking

This includes gaining unauthorized access to an Email account and using it without taking the consent of its owner for sending out spam links, third-party threats, and other such harmful activities.

How to Hack Email Accounts: A Beginners’ Guide

Have you ever wondered how cybercriminals hack email passwords? At some point, you may have wondered how to hack email accounts just for the sake of preventing your account from getting hacked. There are several techniques that you can explore to hack the password of an email account. No email account is immune to hacking. Here are some practical ways of hacking email accounts.

How to Hack Email

1. Keylogging

Arguably, this is the easiest option for most people who want to learn how to hack email passwords. Keylogging entails recording every keystroke that is typed in by a user on a computer keyboard. You can do so using a spy program known as a Keylogger.

2. Phishing

This is a more complicated email hacking technique compared to Keylogging. Phishing entails the use of spoofed webpages that are designed to be identical to those of legitimate websites. When carrying out this social engineering hacking technique, phishers typically create fake login pages that resemble Gmail, Yahoo, or other email service providers. Once you attempt to enter your login credentials on the fake login pages, hackers will be able to steal the information right away.

Password Hacking

This is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system. Password cracking is the most enjoyable hacks for bad guys. It increases the sense of exploration and useful in figuring out the password. The password cracking may not have a burning desire to hack the password of everyone. The actual password of the user is not stored in the well-designed password-based authentication system. Due to this, the hacker can easily access to user's account on the system. Instead of a password, a password hash is stored by the authentication system. The hash function is a one-way design. It means it is difficult for a hacker to find the input that produces a given output. The comparison of the real password and the comparison of two password hash are almost good. The hash function compares the stored password and the hash password provided by the user. In the password cracking process, we extract the password from an associated passwords hash. Using the following ways, we can accomplish it:

CLICK HERE to know how to hack a mobile