Ethical Hacking: How to hack a web server

When practicing ethical hacking, a hacker is searching for vulnerabilities. An ethical hacker has several reasons to try gaining unauthorized control of a web server, though the primary reason is to test a server and its software for vulnerabilities.

By using the same tools and methods that malicious attackers rely on, you can attempt to gain access to a server. If successful, you can identify necessary fixes and upgrades that must be performed to improve security and to detect and respond to malicious activity.

Gathering intelligence

The first phase of any hacking attempt generally involves the collection of information about the relevant target. This includes identifying the target system and gathering salient details about its IP address, operating system, hardware, network configuration and infrastructure, DNS records and so on.

This can be done in a variety of ways, but it is most often done by using automated tools that scan a server for known vulnerabilities. Information about a target system’s physical hardware can be found through various means, often by carefully examining the responses various software subsystems send when initiating (or even sometimes rejecting) inbound connections. This information can then be used to narrow down the kinds of software known to commonly run on various hardware configurations.

Hackers use tools that can test for a variety of security issues, including misconfiguration of software present on the targeted server, the presence of common or unchanged default passwords, outdated software in need of updating or patching and similar security issues.
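The response-based identification described above can be checked from the defender's side by auditing what your own server's replies reveal. The following is an added example, not code from the original post: it parses a constructed raw HTTP response (the sample bytes, header list, and function names are assumptions made for illustration) and reports every product/version string disclosed in headers or in the error page body.

```python
import re

# Constructed sample: a rejection response as a server you administer might send it.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 403 Forbidden\r\n"
    b"Server: Apache/2.4.41 (Ubuntu)\r\n"
    b"X-Powered-By: PHP/7.4.3\r\n"
    b"Content-Type: text/html; charset=iso-8859-1\r\n"
    b"\r\n"
    b"<html><body><h1>Forbidden</h1>"
    b"<address>Apache/2.4.41 (Ubuntu) Server at example.test Port 80</address>"
    b"</body></html>"
)

# Headers that commonly identify the software stack (illustrative list).
DISCLOSING_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "via")
# Matches product/version tokens such as "Apache/2.4.41".
VERSION_RE = re.compile(r"[A-Za-z][\w.-]*/\d+(?:\.\d+)+")

def parse_response(raw: bytes):
    """Split a raw HTTP/1.x response into (status_line, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body.decode("iso-8859-1")

def audit_disclosure(raw: bytes):
    """Return (location, detail) findings for product or version leaks."""
    _status, headers, body = parse_response(raw)
    findings = []
    for name in DISCLOSING_HEADERS:
        if name in headers:
            versions = VERSION_RE.findall(headers[name])
            detail = ", ".join(versions) if versions else headers[name]
            findings.append((f"header:{name}", detail))
    # Error pages often repeat the banner even when the request is rejected.
    for token in sorted(set(VERSION_RE.findall(body))):
        findings.append(("body", token))
    return findings

if __name__ == "__main__":
    for location, detail in audit_disclosure(SAMPLE_RESPONSE):
        print(f"{location}: {detail}")
```

Each finding is a string the server should stop sending, or a version to compare against your patch baseline.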

Reconnaissance tools

  • HTTrack: An open-source web crawler which allows users to download entire websites to a local, offline computer for forensic analysis
  • Maltego: An open-source link analysis and data mining tool
  • Nessus: A vulnerability assessment scanner that checks for conditions such as software misconfiguration or deprecation, insecure or missing passwords and denial-of-service (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Infosec. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/bJ2fbYIjBKk/