Footprinting is the act of gathering information about a computer system and the companies it belongs to. Footprinting is the first step taken by hackers to hack a computer system/network.Footprinting is important because to hack any system the hacker must first have all the information about that system. Below I have given an example of the steps and services a hacker would use to get information of any system from websites:-
1. First, a hacker would begin by gathering information on the targets website. Generally the things a hacker looks for e-mail id’s and names. This information is useful when the hacker is planning to attempt a social engineering attack against the company.
2. Next the Hacker would get the IP address of the website by going to
Here the Hacker would insert the web URL (website’s name like www.facebook.com ) and the website would return the IP address of the website.
3. Next the Hacker would ping the server to see if its active, up and running. If the server is offline, there is no point trying to hack it. Here’s how to check if a server is active or not.
Go to http://just-ping.com and enter either the domain name or IP address which ever convenient and you will see a large amount of information. Just pings a website from 34 different locations in the world. If all the packets went through properly, the server is up else there is no point trying to hack it
4. Next the hacker would do a Wholes lookup on the company website. Go to http://whois.domaintools.com and put in the target website. Here you can see that this gives a huge amount of information about the company. You can find information like campany’s e-mails, address , names when the domain was created , when is it going to expire , The name servers and much more!
5. A hacker can also take advantage of Search Engines to search sites for data. For example, a Hacker could search a website in Google by searching the keyword “site:www.target-site.com” ( without qoutes and your target website after www). This will display every single Page that Google has indexed of that website. You can narrow down the number of results but adding a specific word after the fey word. For e.g. The hacker can enter the keyword “site:www.target-site.com email”, this would list several emails that are published on the website.
Another search that can be done is “inurl:robots.txt” (again without quotes) . This would look for a page called robots.txt. This file (robots.txt) used to display all the directories and pages that a website wishes to keep anonymous from the search engine spiders. Thus, luckily you might come across some valuable information that was meant to be kept private in this file.
Hope it helps. Feel free to pass on comments
Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.
If you want to keep up-to-date on the Ethical Hacking Tutorials news, latest Tips & Tricks, latest scams & most important awareness and are a member of Facebook, don't forget to Join the Tricks4indya Facebook page to keep informed about the latest security.
Tidak ada komentar:
Posting Komentar