Footprinting is an important part of the hacking process, as it allows the hacker to gather information about the target system that can be used to exploit it. By using various Footprinting methods, a hacker can get the information they need to launch a successful attack. There are two types of Footprinting.
Active Footprinting:
Active footprinting means performing footprinting by getting in direct touch with the target machine. This can be done in a number of ways, including pinging the machine to see if it is online, or trying to connect to it via SSH or FTP. If the machine is online, active footprinting can also involve trying to guess the administrator’s password, or looking for open ports that might be vulnerable to attack.
Passive Footprinting:
Passive footprinting is a process of collecting data about a specific target using innocuous methods. These methods can include performing a Google search, looking through Archive.org, using NeoTrace, browsing through employees’ social media profiles, looking at job sites and using Whois.
Passive footprinting is a stealthier approach to footprinting because it does not trigger the target’s IDS. This makes it an ideal method for gathering information about a target without being detected.
Footprinting can be a useful tool for both security researchers and attackers. Security researchers can use it to gather information about a target in order to identify potential vulnerabilities. Attackers can use it to gather information about a target in order to plan an attack.
Different kinds of information that can be gathered from Footprinting:
- The operating system of the target machine
- Firewall
- IP address
- Network map
- Security configurations of the target machine
- Email id, password
- Server configurations
- URLs
- VPN
Sources:
- Social Media: Most people tend to release a lot of sensitive information online without realizing it. Hackers can use this information to their advantage, for example by creating fake accounts that look real in order to add someone as a friend or follow their account. This gives them access to that person’s information which they can then use for whatever purpose they have in mind.
- Google: The term “Google hacking” refers to the practice of using the Google search engine to find information that is not intended to be publicly available. This can be done by using advanced search operators, or by exploiting vulnerabilities in websites. Google hacking can be used for a variety of purposes, including finding sensitive information, such as passwords and financial data, or for launching attacks against websites. In some cases, attackers have even been able to use Google to find vulnerabilities in systems that are not connected to the internet.
- JOB websites: Organizations share some confidential data on many JOB websites like monsterindia.com. For example, a company posted on a website: “Job Opening for Lighttpd 2.0 Server Administrator”. From this, information can be gathered that an organization uses the Lighttpd web server of version 2.0. The organization might be using this server for its website, email, or other Internet-based services. By knowing which web server an organization is using, an attacker can find known vulnerabilities for that server software and attempt to exploit them. This could lead to the attacker gaining access to the organization’s internal network, sensitive data, or other resources.
- Archive.org: The Archived version of a website is an older version of the site that existed at a time before the current version. Many features of the website may have changed since the archived version was created. However, archive.org is a website that collects snapshots of all websites at regular intervals of time. This site can be used to get some information that does not exist now, but may have existed before on the site.
- Social Engineering: Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. Social engineering attacks are usually targeted at specific individuals or groups, and they often exploit the trust that people have in their friends, family, and colleagues. In many cases, social engineering attacks are used to gain access to sensitive information, such as passwords or credit card numbers. In other cases, social engineering attacks may be used to spread malware or to launch attacks against other systems.
Conclusion:
- Avoid posting confidential data on social media websites.
- Avoid accepting unwanted friend requests on social media platforms.
- Promotion of education on various hacking tricks.
- Usage of footprinting techniques for identifying and removing sensitive information from social media platforms.
Top ,.. top top … post! Keep the good work on !