What is Hacking
Hacking is the act of identifying and then exploiting computer vulnerabilities/weakness usually to gain unauthorized access to personal or organizational data.Who is a Hacker
A hacker is an individual who possesses advanced skills in computer programming and technology, allowing them to gain unauthorized access to computer systems, networks, or data. The term “hacker” has evolved and can be associated with various motivations and ethical stances. While some hackers use their skills for malicious activities, such as stealing information or spreading malware (black hat hackers), others may work ethically to identify and fix vulnerabilities in systems (white hat hackers). The term “hacker” is broad and encompasses a diverse range of individuals with different intentions and skill sets in the realm of cybersecurity.
Types of Hackers
1.Black Hat Hackers: Malicious actors who exploit vulnerabilities for personal gain or to engage in cybercrime activities.
2. White Hat Hackers: Ethical hackers employed to strengthen cybersecurity, identifying and fixing vulnerabilities to protect systems.
3. Grey Hat Hackers: Operate between ethical and malicious hacking, breaching systems without authorization but with good intentions, often seeking recognition.
4. Hacktivists: Individuals with a social or political agenda, targeting organizations or individuals to promote their cause through digital means.
5. Script Kiddies: Lacking advanced skills, they use existing hacking tools and scripts to exploit vulnerabilities without a deep understanding of technology.
IP Address (Internet Protocol Address)
An IP address is a unique address typically assigned by an internet service provider (ISP) that identifies a device on the internet. it is associated to a specific computer or network for a period of time or permanently it is the IP address that allows the computers to send and receive information within the internet.
There are two versions of IP Addresses that are commonly used on the internet
- IPV4: IP stands for Internet Protocol and v4 stands for Version Four (IPv4). IP version four addresses are 32-bit integers which will be expressed in decimal notation. EX. 192.168.0.172 this is an example of Ipv4 Address
- IPV6: Internet Protocol version 6 (IPv6) is the most recent version of the IP IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion and was intended to replace IPv4. The primary reason to make the IPv6 address is because of the exhustion of IPv4. IPv4 is based on 32-bit addressing, limiting it to a total of 4.3 billion addresses. IPv6 is based on 128-bit addressing and can support 340 undecillion, which is 340 trillion3 addresses. Example of IPV6 address 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Types Of IP Address
- Private IP: Each device connected to a home network uses a private IP because this IP is only accessible within the home network and it is not facing the internet directly. device with private IP Devices might include computers, tablets, smartphones, Smart TVs etc.
- Public IP Address: A public IP address is a unique IP address assigned to your network router by your internet service provider which makes all the devices connected to the router have internet access, meaning multiple devices sharing the same internet connection will also share the same public IP address
- Dynamic IP Address: A dynamic IP address is an IP address that an ISP lets you use temporarily, this IP changed for all devices using it and a IP will be assigned to a different person when not in use
- Static IP Address: Unlike Dynamic IP Address, A Static IP Address never change once they’re assigned by the network. While most internet users and businesses don’t require static IP addresses, they’re a requirement for businesses that wish to host their own web servers. A static IP address ensures that all websites and email addresses associated with a certain web server will always have a consistent IP address so it can be reached on the internet.
Exploit Database (ExploitDB) is a widely used online platform that provide a comprehensive collections of exploits to various vulnerabilities, developed for use by penetration testers and vulnerability researchers
The Exploit Database is a non-profit project that is provided as a public service by OffSec. The Exploit Database is a CVE (Common Vulnerabilities and Exposures) compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.
How to Search for Exploit on Exploit-db
- Visit exploit-db website
- Search for a vulnerability e.g. ms17-010
This will display all the available exploit related to the vulnerability for us
SOME OPTIONS TO KNOW
Date: Date the bexploit was posted
D: Download
V: Verified which if it is tick it means this exploit or code has been tested and verified
Title: The description of the exploit
Local file inclusion (LFI) vulnerability
Introduction to Local File Inclusion.
Local file inclusion (LFI) is a web vulnerability that lets a malicious hacker access, view, run or expose files on the web server. this may also lead to information disclosure, cross-site scripting (XSS) and remote code execution.
In a web application, many back-ends programming languages often include files from the server using HTTP parameter to display contents on a webpage, LFI occurs when such functionalities are not securely coded, an attacker may manipulate these parameters to display the content of any local file on the hosting server.
Example:
The below url is a link to a web page which filename.php is the file/page the web application is trying to load, a attacker can manipulate the input and include another file or directory
http://example.com/?file=filename.php
An attacker can manipulate these file parameter to access sensitive files
http://example.com/?file=../../../../etc/passwd
In this case, if the web application doesn’t properly validate input, it might include the /etc/passwd file, revealing sensitive information.
File Inclusion vulnerabilities can occur in many of the most popular web servers and development frameworks, like PHP, NodeJs, Java, .Net, and many others. Each of them has a slightly different approach to including local files, but they all share one common thing loading a file from a specified path we will only focus on PHP web applications running on a Linux back-end server.
Local File Inclusion Vulnerabilities are often found in web application functions that handle input without proper validation Such functions include include_once(), require(), require_once(), file_get_contents(), fopen(), and several others as well.
Join AlphaSecTech Pro for premium Lecture on LFI
Join the number one provider in IT Services and Training, Join Alpha Security Technology Pro Subscription.
Newer Posts