HOW DO WEBSITES GET HACKED?
Hello friend, welcome to @STEEMIT
If anyone had asked me this question a month ago, my reply would have been “I don’t know how”, but over the last month I saw some circumstances which gave me a lot of knowledge about the word “hacking”. So I tried to learn more about hacking, and what I found was that the ratio of website hacking is high in the IT industry. Today everyone is aware of this illegal incident (hacking). I read a quote from Kevin Mitnick, an American businessman, security consultant and also a great hacker:
Hackers are breaking the systems for profit. Before, it was about intellectual curiosity and pursuit of knowledge and thrill, and now hacking is big business.
While I was learning, I found some techniques which are widely used by hackers, and came to know that there are different categories of hackers:
Black Hat: Black-hat hackers, or simply “black hats,” are the type of hacker the popular media seems to focus on. Black-hat hackers violate computer security for personal gain (such as stealing credit card numbers or harvesting personal data for sale to identity thieves) or for pure maliciousness (such as creating a botnet and using that botnet to perform DDoS attacks against websites they don’t like).
Gray Hat: Very few things in life are clear black-and-white categories. In reality, there’s often a gray area. A gray-hat hacker falls somewhere between a black hat and a white hat. A gray hat doesn’t work for their own personal gain or to cause carnage, but they may technically commit crimes and do arguably unethical things.
White Hat: White-hat hackers are the opposite of the black-hat hackers. They’re the “ethical hackers,” experts in compromising computer security systems who use their abilities for good, ethical, and legal purposes rather than bad, unethical, and criminal purposes.
Some people hack websites for fun, while some do it for benefit or gain and some for security purposes, but all of them use some basic techniques, which are as follows:
- XSS (cross-site scripting: bypass access controls)
- SQLi (SQL injection: enumerate the database)
- LFI (local file inclusion: lets an attacker traverse the file system)
- RFI (remote file inclusion: “execute a remote file on a web server to steal data”)
- URL manipulation
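How a server can refuse the two file-inclusion cases in the list above (LFI and RFI), as an added example that is not part of the original post. The function name, the `pages` directory and the sample request values are assumptions constructed for illustration.

```python
import os
import tempfile
from urllib.parse import unquote, urlparse


class RejectedInclude(Exception):
    """Raised when a requested page name is refused."""


def resolve_include(base_dir, requested):
    """Return the real path of `requested` inside base_dir, or raise."""
    # `requested` stands for a user-controlled value (hypothetical `page` parameter).
    # Decode once more in case the value arrives still percent-encoded.
    name = unquote(requested)
    # RFI: refuse anything that looks like a URL or a network path.
    if urlparse(name).scheme or name.startswith(("//", "\\\\")):
        raise RejectedInclude("remote include refused")
    base = os.path.realpath(base_dir)
    # LFI: realpath collapses ../ and follows symlinks before the check.
    target = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        raise RejectedInclude("path escapes base directory")
    if not os.path.isfile(target):
        raise RejectedInclude("no such page")
    return target


def demo():
    """Run constructed sample requests against a throwaway directory."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        pages = os.path.join(root, "pages")
        os.mkdir(pages)
        with open(os.path.join(pages, "about.html"), "w") as f:
            f.write("<h1>About</h1>")
        with open(os.path.join(root, "secret.txt"), "w") as f:
            f.write("not for visitors")
        # Constructed inputs: one legitimate name, then LFI and RFI shapes.
        samples = ["about.html", "../secret.txt", "..%2fsecret.txt",
                   "/etc/passwd", "http://files.example/page.txt"]
        for value in samples:
            try:
                resolve_include(pages, value)
                results[value] = "served"
            except RejectedInclude:
                results[value] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```

The check runs on the resolved path rather than on the raw string, so encoded and absolute-path variants are refused by the same comparison.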
There are some steps for attacking a target which, if followed properly, can result in a successful attack:
Footprinting: Passively gaining information
Scanning: Mapping the network
Enumeration: Finding vulnerabilities
Gaining Access: Penetration
Maintaining Access: Setting up back doors
Covering Tracks: Altering logs and hiding activities
Finally, I would like to make a request to those who hack just for fun: please don’t do this just for fun, because
With Great Power Comes Great Responsibility
Happy Hacking!!!!!!!