1 00:00:00,060 --> 00:00:00,960 Welcome back, everyone. 2 00:00:01,140 --> 00:00:07,770 I hope you enjoyed the course so far. We have reached out to a very interesting lecture now. 3 00:00:08,450 --> 00:00:13,200 We are going to understand the stages in ethical hacking now. 4 00:00:13,410 --> 00:00:14,540 Why is it important? 5 00:00:15,150 --> 00:00:20,490 It is important because that way you get the idea that you are on track. 6 00:00:20,850 --> 00:00:31,530 You can be able to analyze every, every attack, every penetration, every hacking, phase by phase. 7 00:00:32,040 --> 00:00:33,540 Just like any activity. 8 00:00:33,540 --> 00:00:36,150 You need a kind of orientation. 9 00:00:36,150 --> 00:00:37,320 You need an approach. 10 00:00:37,320 --> 00:00:40,080 You need activity to be done in phases. 11 00:00:40,080 --> 00:00:40,380 Right. 12 00:00:40,590 --> 00:00:43,800 And that's exactly true for ethical hacking as well. 13 00:00:44,340 --> 00:00:50,490 In order to make this, make this broad or the process of ethical hacking 14 00:00:51,810 --> 00:00:52,960 easy to understand, 15 00:00:53,310 --> 00:00:55,260 let me take an example for this. 16 00:00:56,340 --> 00:01:03,680 Let's understand these stages in ethical hacking with one thing. Suppose an army, 17 00:01:03,720 --> 00:01:08,430 army commander has been assigned to attack an army location. 18 00:01:08,710 --> 00:01:14,980 OK, this comes, I mean, to say the enemy location, the target location, basically. 19 00:01:15,810 --> 00:01:21,990 So now you will agree that he can't, he can't straight away, straight away go along with his 20 00:01:21,990 --> 00:01:24,740 army and attack with its weapons. 21 00:01:24,750 --> 00:01:25,010 Right. 22 00:01:25,350 --> 00:01:28,290 What is really needed for this? Planning. 
23 00:01:28,290 --> 00:01:36,480 But the detailed number of people on the enemy location, on the target location, you also need to have 24 00:01:36,480 --> 00:01:38,580 information about the target location. 25 00:01:38,580 --> 00:01:38,840 Right. 26 00:01:39,330 --> 00:01:44,340 You also need to have a, you know, kind of weaknesses for the target. 27 00:01:44,340 --> 00:01:53,130 You need to know at what time the security guards are really available, or maybe the, the, the person who 28 00:01:53,130 --> 00:02:01,240 is on the surveillance is available, or what time there is a handoff between them, and what are the weakest 29 00:02:01,240 --> 00:02:06,560 spot and any moment of your time at any, any location in the target location. 30 00:02:06,570 --> 00:02:06,840 Right. 31 00:02:07,500 --> 00:02:14,780 So in that case, what, what's the safest way to penetrate into the target location? 32 00:02:15,420 --> 00:02:23,640 These are all things needed for you to have a specific target, specific attack on the target location. 33 00:02:23,710 --> 00:02:24,020 Right. 34 00:02:24,360 --> 00:02:25,440 So let's get it started. 35 00:02:25,710 --> 00:02:32,580 Let's first understand the first, very first stage, that's information gathering. Information gathering: 36 00:02:32,580 --> 00:02:33,240 in this stage, 37 00:02:33,390 --> 00:02:37,800 we simply understand the target. Being the, being the hacker, 38 00:02:37,800 --> 00:02:45,300 we, we basically need to collect information about the target, such as IP address, subnet, DNS information, 39 00:02:45,540 --> 00:02:50,460 information about the hosting in case its target is the web application. 40 00:02:50,910 --> 00:02:57,360 If it is the target machine, then we need to know about which operating system it could be. 41 00:02:57,570 --> 00:03:06,660 If it is the web application, we need to know about what, what, what version of software or database 42 00:03:06,660 --> 00:03:09,930 or web application or app server he's running with. 
43 00:03:10,350 --> 00:03:16,620 And now, depending on the target, the reconnaissance information varies. 44 00:03:16,840 --> 00:03:25,140 Reconnaissance is basically a way of, way of getting the information about the target, its information 45 00:03:25,140 --> 00:03:32,580 and information gathering technique. And some of the best tool, I would say, to understand, in fact, 46 00:03:32,580 --> 00:03:36,750 the best tool that you can actually start with is basically the Google search. 47 00:03:36,900 --> 00:03:43,230 You can simply, simply go to the Google search and do some research on the target application and get 48 00:03:43,230 --> 00:03:50,340 some helpful information that would be useful to at least get the idea about what the IP address of 49 00:03:50,340 --> 00:03:51,870 the application and all of those stuff. 50 00:03:51,870 --> 00:03:52,080 Right. 51 00:03:52,710 --> 00:03:55,350 Then I'll teach you as we go further. 52 00:03:56,760 --> 00:03:58,980 Some of, there are some other tools as well. 53 00:03:59,370 --> 00:04:06,420 There could be, we'll be making use of some tools like Shodan, we'll be using, making use of nslookup 54 00:04:06,450 --> 00:04:09,600 as well, or whois lookup as well. 55 00:04:09,600 --> 00:04:14,790 That's the basic tool which is already in. The second phase is the scanning. 56 00:04:15,060 --> 00:04:19,230 Now scanning is pretty, pretty important phase over here. 57 00:04:19,600 --> 00:04:22,290 Let's go back to our real world example. 58 00:04:22,680 --> 00:04:27,390 That's the, that's where the army commander is now all set 59 00:04:27,690 --> 00:04:35,430 with his reconnaissance, his information gathering stage, where he collected all the information about 60 00:04:35,430 --> 00:04:35,930 the target. 61 00:04:35,940 --> 00:04:42,510 But that's not really enough because he needs to know the best way to enter the premises. 62 00:04:42,510 --> 00:04:42,690 Right. 
63 00:04:42,750 --> 00:04:49,880 They need to know what's the best path he can enter, but he needs to know about any weaknesses, any 64 00:04:49,890 --> 00:04:54,510 loopholes in the target machine, and similarly in the hacking as well. 65 00:04:55,140 --> 00:04:59,120 Scanning phase helps us to understand the way we get into the target. 66 00:04:59,580 --> 00:05:02,670 So it's all about finding the vulnerabilities. 67 00:05:02,700 --> 00:05:10,800 It's all about finding the weaknesses into the target location so that we can use and get the access 68 00:05:10,800 --> 00:05:11,160 into. 69 00:05:11,250 --> 00:05:18,990 Right, and some of the, some of the information which might help us for this phase would be open ports, 70 00:05:19,980 --> 00:05:30,390 active, active hosts, applications, or maybe vulnerable applications as well, and software versions as well. 71 00:05:30,480 --> 00:05:38,160 So these information would be needed and this would be collected in the phase of scanning. 72 00:05:38,550 --> 00:05:38,870 All right. 73 00:05:39,180 --> 00:05:42,420 So this third phase is the exploitation. 74 00:05:42,630 --> 00:05:46,330 Now, this is where we actually perform our attack. 75 00:05:46,620 --> 00:05:51,840 This is the phase where we actually perform our real attack. 76 00:05:51,960 --> 00:05:54,910 OK, let's come back to our real world example. 77 00:05:55,290 --> 00:05:57,960 Now, our army commander is all set for that. 78 00:05:58,620 --> 00:06:04,680 Now we know the best way to enter. Now, with the help of scanning, with the help of information gathering 79 00:06:04,680 --> 00:06:11,790 stage, we know what's the best path to, what's the best route we can get in order to enter into the 80 00:06:12,300 --> 00:06:13,260 target location. 81 00:06:13,260 --> 00:06:13,480 Right. 82 00:06:13,830 --> 00:06:22,290 So now we, we just need to launch the attack with my army, I mean, with the army and the weapons as 83 00:06:22,290 --> 00:06:22,540 well. 
84 00:06:22,920 --> 00:06:27,570 And this stage, ethical hacker first chooses the right kind of attack. 85 00:06:27,990 --> 00:06:34,680 And in the, in the ethical hacking world, it could be your malware, it could be a payload, and choosing 86 00:06:34,680 --> 00:06:41,040 the right method to deliver it, choosing the right method to deliver that malware or payload into the 87 00:06:41,040 --> 00:06:41,540 network. 88 00:06:41,880 --> 00:06:43,560 And that's the exploitation. 89 00:06:43,770 --> 00:06:44,120 All right. 90 00:06:44,430 --> 00:06:48,600 And there will be multiple tools that we would be, we would be making use of. 91 00:06:48,600 --> 00:06:52,800 It could be Metasploit, which is the free open source platform. 92 00:06:53,760 --> 00:06:59,100 That's the BeEF as well, which is a browser exploitation framework. 93 00:06:59,460 --> 00:07:00,900 And there are many others. 94 00:07:01,170 --> 00:07:06,330 But these are some of the most popular tool and freely available as well, and we'll be making use of it. 95 00:07:06,990 --> 00:07:15,300 The fourth stage is maintaining the access. Sometimes it might, it might take some time to achieve our objective 96 00:07:15,750 --> 00:07:17,990 while we are in the target system. 97 00:07:18,010 --> 00:07:18,260 Right. 98 00:07:18,540 --> 00:07:21,570 And as an ethical hacker as well, this is completely true. 99 00:07:21,580 --> 00:07:31,950 We might have to go away and come back, or maybe, maybe in the target system we need to be stay into the 100 00:07:31,950 --> 00:07:33,450 system for a prolonged period. 101 00:07:33,870 --> 00:07:40,370 Also, if the system goes through, the target system, goes offline and comes online, we need to do, 102 00:07:40,460 --> 00:07:43,940 we need to have a persistent, a sneaky access to the system. 103 00:07:44,340 --> 00:07:51,600 And in order to achieve the desired objective, we need to have, we need to keep our access sustainable. 
104 00:07:51,610 --> 00:07:55,410 We need to have our connection persistent enough. 105 00:07:55,560 --> 00:07:59,760 So that's why maintaining the access is very, very important in that case. 106 00:08:00,120 --> 00:08:03,510 And at the end, we have a clearing out process. 107 00:08:03,520 --> 00:08:03,740 Right. 108 00:08:04,170 --> 00:08:10,650 So this is very, very important because if we talk about a real world example of a commander might 109 00:08:10,650 --> 00:08:15,570 have or might have, might have successful. 110 00:08:15,570 --> 00:08:15,770 Right. 111 00:08:16,170 --> 00:08:22,820 He might be, might, might have been successful enough in getting his mission accomplished. 112 00:08:23,250 --> 00:08:27,900 But can he just come back with his team just like the way he. 113 00:08:27,900 --> 00:08:29,930 And the answer is no. 114 00:08:29,940 --> 00:08:36,880 But he can't simply leave all the information related to the operation, otherwise it can be gone before 115 00:08:37,050 --> 00:08:44,060 it can be a confidentiality issues for, for the, for these commander of the army activity as well. 116 00:08:44,670 --> 00:08:49,420 So some of the best hackers are those who are untraceable. 117 00:08:49,800 --> 00:08:50,160 All right. 118 00:08:50,400 --> 00:08:55,680 That means once they complete their activity, they remove all the traces. 119 00:08:55,950 --> 00:09:03,540 They remove everything that could be found to be a witness that can be found while, while the, well, 120 00:09:03,540 --> 00:09:05,220 the forensics really happen. 121 00:09:05,580 --> 00:09:08,960 So that's a really, really important phase in a way. 122 00:09:09,630 --> 00:09:10,260 Now this, 123 00:09:10,260 --> 00:09:15,780 this is the five very, very important phases as a part of ethical hacking. 124 00:09:16,230 --> 00:09:22,350 And usually, you know, in a process in woman, there could be one more phase as well, which could 125 00:09:22,350 --> 00:09:23,100 be reporting. 
126 00:09:23,460 --> 00:09:29,610 That's where whatever you have done, whatever the weaknesses you have collected, or where you have been, 127 00:09:30,620 --> 00:09:37,920 you, where you have been successful enough in exploiting the network, you put all those information 128 00:09:37,920 --> 00:09:40,460 in your report and share it with your client. 129 00:09:40,710 --> 00:09:41,000 Right. 130 00:09:41,250 --> 00:09:49,830 So this is, this all becomes a useful for your client so that he can make use of those information to 131 00:09:49,830 --> 00:09:51,210 fix the vulnerability. 132 00:09:51,360 --> 00:09:51,770 All right. 133 00:09:52,110 --> 00:09:55,710 I hope this was useful for you. In the next lecture onwards, 134 00:09:55,920 --> 00:09:58,890 we'll understand more about the planning and 135 00:09:59,030 --> 00:10:04,070 information gathering stages that we have just talked about in the individual phases. Till then, 136 00:10:04,340 --> 00:10:06,050 keep learning and we'll see you again. 137 00:10:06,380 --> 00:10:06,850 Thank you.