Unit IV: Enumeration (Hinglish)

Topic 1: Enumeration Techniques

Definition: Enumeration is the process of extracting detailed information about a target system, such as usernames, network shares, and services, so that potential attack vectors can be identified.

Subtopics:

  1. Open Services Enumeration:

    • Identifying the services running on open ports (e.g., HTTP, FTP, SSH).

    • Tools such as Nmap and Netcat are used to enumerate services.

    • Example: Using Nmap to discover that a server is running Apache (HTTP) on port 80 and FTP on port 21.

  2. User Account Enumeration:

    • Extracting valid usernames or email addresses from the target system.

    • Techniques include brute-forcing, LDAP queries, or exploiting misconfigured services.

    • Example: Using Kerbrute to enumerate valid usernames in an Active Directory environment.

  3. Network Share Enumeration:

    • Identifying shared folders or drives on the target network.

    • Tools such as enum4linux and smbclient are used for this purpose.

    • Example: Using smbclient to list shared folders on a Windows server.

  4. DNS Enumeration:

    • Extracting DNS records (e.g., A, MX, TXT) to gather information about the target's domain.

    • Tools such as dig and DNSenum are used for DNS enumeration.

    • Example: Using dig to find a target website's subdomains (e.g., mail.example.com).

Mind Map/Crux Line: Enumeration Techniques → Open Services, User Accounts, Network Shares, DNS → Identify Attack Vectors.
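The open-services enumeration above produces a service inventory, and the defender reviewing an authorised scan of their own network needs that inventory in structured form. The following Python script is an added example (not part of the original notes and not Nmap's own code): it parses Nmap's grepable (-oG) output format into records, groups open ports per host, and flags services that carry credentials in cleartext. The scan text is constructed for the example and uses documentation addresses; it was not captured from a real scan.

```python
import re
from dataclasses import dataclass

# Constructed sample of Nmap grepable (-oG) output for this example; it is
# not captured from a real scan. Hosts use the 192.0.2.0/24 documentation range.
SAMPLE_NMAP_GREPABLE = """\
# Nmap 7.94 scan initiated as: nmap -sV -oG - 192.0.2.0/28
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 21/open/tcp//ftp//vsftpd 3.0.3/, 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//Apache httpd 2.4.41/\tIgnored State: closed (997)
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 23/open/tcp//telnet//Linux telnetd/, 445/open/tcp//microsoft-ds//Samba smbd 4/\tIgnored State: filtered (998)
# Nmap done: 16 IP addresses (2 hosts up)
"""

# Services that carry credentials or data in cleartext; a defender reviewing
# an authorised scan of their own network usually wants these flagged.
CLEARTEXT_SERVICES = {"ftp", "telnet", "http"}


@dataclass(frozen=True)
class OpenPort:
    host: str
    port: int
    proto: str
    service: str
    version: str


def parse_grepable(text):
    """Return an OpenPort record for every open port in -oG output.

    Each "Ports:" entry has the form
    port/state/protocol/owner/service/rpc-info/version/
    with fields separated by '/' and entries separated by ', '.
    """
    results = []
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # skip "# Nmap ..." comment lines
        host_match = re.match(r"Host:\s+(\S+)", line)
        ports_match = re.search(r"Ports:\s+(.*?)(?:\t|$)", line)
        if not host_match or not ports_match:
            continue  # "Status: Up" lines carry no port data
        host = host_match.group(1)
        for entry in ports_match.group(1).split(","):
            fields = entry.strip().split("/")
            if len(fields) < 7 or fields[1] != "open":
                continue
            results.append(
                OpenPort(host, int(fields[0]), fields[2], fields[4], fields[6])
            )
    return results


def open_ports_by_host(open_ports):
    """Group open port numbers per host, preserving scan order."""
    by_host = {}
    for p in open_ports:
        by_host.setdefault(p.host, []).append(p.port)
    return by_host


def flag_cleartext(open_ports):
    """Return (host, port, service) for services in CLEARTEXT_SERVICES."""
    return [
        (p.host, p.port, p.service)
        for p in open_ports
        if p.service in CLEARTEXT_SERVICES
    ]


if __name__ == "__main__":
    ports = parse_grepable(SAMPLE_NMAP_GREPABLE)
    for host, nums in open_ports_by_host(ports).items():
        print(f"{host}: open ports {nums}")
    for host, port, service in flag_cleartext(ports):
        print(f"WARNING {host}:{port} exposes cleartext service {service}")
```

Run against real output from `nmap -sV -oG scan.txt <your own hosts>`, the same parser turns the scan into a list that can be diffed against the previous week's inventory, which is how unexpected new services (the attack vectors the notes refer to) get noticed.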


Topic 2: Exploitation Techniques

Definition: Exploitation means using the vulnerabilities identified during enumeration to gain unauthorized access to the target system.

Subtopics:

  1. Penetration Testing Tools:

    • Tools such as Metasploit, SQLmap, and Burp Suite are used to exploit vulnerabilities.

    • Example: Using Metasploit to exploit a Windows SMB vulnerability (e.g., EternalBlue).

  2. Password Cracking:

    • Tools such as John the Ripper and Hashcat are used to crack weak passwords.

    • Techniques include dictionary attacks, brute-force attacks, and rainbow table attacks.

    • Example: Using John the Ripper to crack a weak password hash obtained from a database.

  3. Privilege Escalation:

    • Gaining higher-level access (such as root or admin) after the initial exploitation.

    • Techniques include exploiting misconfigured permissions or using kernel vulnerabilities.

    • Example: Using Dirty COW (CVE-2016-5195) to escalate privileges on a Linux system.

  4. Post-Exploitation Activities:

    • Maintaining access, covering tracks, and exfiltrating data after exploitation.

    • Tools such as Meterpreter and Cobalt Strike are used for post-exploitation.

    • Example: Installing a backdoor on the target system so that access can be maintained.

Mind Map/Crux Line: Exploitation Techniques → Pen Testing Tools, Password Cracking, Privilege Escalation, Post-Exploit → Gain and Maintain Access.


Topic 3: Attack Vectors

Definition: Attack vectors are the paths or methods through which a target system's vulnerabilities are exploited.

Subtopics:

  1. Wardialing:

    • Scanning phone lines to identify modems connected to the target network.

    • Tools such as WarVOX and ToneLoc are used for wardialing.

    • Example: Using WarVOX to discover a modem connected to a company's internal network.

  2. Network Scanning:

    • Identifying active devices and open ports on the target network.

    • Tools such as Nmap and Masscan are used for network scanning.

    • Example: Scanning a company's network to identify open ports such as HTTP (port 80) or SSH (port 22).

  3. Operating System Vulnerabilities:

    • Exploiting vulnerabilities in the target's operating system (e.g., Windows, Linux).

    • Example: Using a Windows SMB vulnerability (e.g., EternalBlue) to gain system access.

  4. Web Application Vulnerabilities:

    • Exploiting vulnerabilities in web applications (e.g., SQL injection, XSS).

    • Tools such as Burp Suite and OWASP ZAP are used for web application testing.

    • Example: Using SQLmap to exploit a SQL injection vulnerability.

Mind Map/Crux Line: Attack Vectors → Wardialing, Network Scanning, OS Vulnerabilities, Web App Vulnerabilities → Exploit Target System.


Topic 4: Tools for Enumeration and Exploitation

Definition: The tools used for enumeration and exploitation, so that a target system's vulnerabilities can be identified and exploited.

Subtopics:

  1. Nmap:

    • A network scanning tool that discovers hosts, services, and open ports.

    • Example: Using Nmap to scan the target network and identify open ports.

  2. Metasploit:

    • A penetration testing framework used to exploit vulnerabilities.

    • Example: Using Metasploit to exploit a Windows SMB vulnerability (e.g., EternalBlue).

  3. Burp Suite:

    • A web application testing tool that identifies and exploits vulnerabilities such as SQL injection and XSS.

    • Example: Using Burp Suite to intercept and manipulate HTTP requests in order to exploit a vulnerability.

  4. John the Ripper:

    • A password cracking tool used to crack weak passwords.

    • Example: Using John the Ripper to crack a password hash obtained from a database.

Mind Map/Crux Line: Enumeration and Exploitation Tools → Nmap, Metasploit, Burp Suite, John the Ripper → Identify and Exploit Vulnerabilities.


Topic 5: Challenges and Solutions in Enumeration

Definition: The challenges faced during enumeration and the strategies for overcoming them.

Subtopics:

  1. Firewalls and IDS/IPS:

    • Firewalls and intrusion detection/prevention systems can block enumeration attempts.

    • Solution: Using stealthy techniques such as idle scanning or fragmentation to avoid detection.

  2. Rate Limiting:

    • Some systems limit the number of requests, which slows enumeration down.

    • Solution: Using tools that have rate-limiting features, or spreading enumeration out over time.

  3. Encryption and Obfuscation:

    • Encrypted or obfuscated data can make enumeration difficult.

    • Solution: Using tools such as SSLstrip to bypass encryption, or analysing obfuscated data manually.

  4. Legal and Ethical Concerns:

    • Enumeration activities must comply with legal and ethical guidelines.

    • Solution: Obtaining proper authorization and following ethical hacking principles.

Mind Map/Crux Line: Enumeration Challenges → Firewalls, Rate Limiting, Encryption, Legal Concerns → Use Stealthy Techniques and Follow Ethics.
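Topic 5 says an IDS/IPS blocks enumeration attempts, and Topic 1 describes user account enumeration; the property a detector actually keys on in both cases is fan-out, meaning one source touching many distinct ports, or many distinct usernames, in a short time. The following Python script is an added example (not part of the original notes and not the code of any named IDS): one sliding-window detector applied to constructed firewall log lines (port-scan pattern) and constructed sshd-style auth log lines (username-enumeration pattern). Both log formats, the thresholds, and the 60-second window are assumptions chosen for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (assumed syslog-like formats, not real captures).
# Firewall: one source (198.51.100.7) touches ten distinct ports in ten
# seconds; the other (203.0.113.5) is ordinary traffic.
SCAN_PORTS = [21, 22, 23, 25, 80, 110, 135, 139, 443, 445]
FIREWALL_LOG = [
    f"2024-05-01T10:00:{i:02d} fw DROP SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP DPT={p}"
    for i, p in enumerate(SCAN_PORTS)
] + [
    "2024-05-01T10:00:05 fw ACCEPT SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP DPT=443",
    "2024-05-01T10:00:09 fw ACCEPT SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP DPT=443",
    "2024-05-01T10:03:00 fw ACCEPT SRC=203.0.113.5 DST=192.0.2.10 PROTO=TCP DPT=80",
]
# Auth log: one source fails logins for six different usernames in under a
# minute (a username-enumeration pattern); the other is one user mistyping.
AUTH_LOG = [
    "2024-05-01T11:00:01 host sshd[1201]: Failed password for invalid user admin from 198.51.100.9 port 50011 ssh2",
    "2024-05-01T11:00:03 host sshd[1202]: Failed password for root from 198.51.100.9 port 50012 ssh2",
    "2024-05-01T11:00:06 host sshd[1203]: Failed password for invalid user test from 198.51.100.9 port 50013 ssh2",
    "2024-05-01T11:00:09 host sshd[1204]: Failed password for invalid user guest from 198.51.100.9 port 50014 ssh2",
    "2024-05-01T11:00:12 host sshd[1205]: Failed password for invalid user oracle from 198.51.100.9 port 50015 ssh2",
    "2024-05-01T11:00:15 host sshd[1206]: Failed password for invalid user backup from 198.51.100.9 port 50016 ssh2",
    "2024-05-01T11:00:30 host sshd[1220]: Failed password for alice from 203.0.113.8 port 50200 ssh2",
    "2024-05-01T11:00:41 host sshd[1221]: Failed password for alice from 203.0.113.8 port 50201 ssh2",
]

FIREWALL_RE = re.compile(
    r"^(?P<ts>\S+) fw (?:DROP|ACCEPT) SRC=(?P<src>\S+) DST=\S+ PROTO=\w+ DPT=(?P<val>\d+)$"
)
AUTH_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?(?P<val>\S+) from (?P<src>\S+) port \d+"
)


def parse_events(lines, pattern):
    """Turn log lines into (timestamp, source, value) events; unmatched lines are skipped."""
    events = []
    for line in lines:
        m = pattern.match(line)
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["src"], m["val"]))
    return events


def fan_out_alerts(events, window, threshold):
    """Flag each source that touches >= threshold distinct values inside any
    sliding time window of length `window`. Returns {source: max_distinct}.

    Fan-out (many ports or many usernames from one source in a short time) is
    the signature that separates enumeration from normal traffic; a single
    failed login or a single connection never trips it.
    """
    by_src = defaultdict(list)
    for ts, src, value in events:
        by_src[src].append((ts, value))
    alerts = {}
    for src, items in by_src.items():
        items.sort()
        start = 0
        for end in range(len(items)):
            while items[end][0] - items[start][0] > window:
                start += 1  # slide the window forward past old events
            distinct = {v for _, v in items[start:end + 1]}
            if len(distinct) >= threshold:
                alerts[src] = max(alerts.get(src, 0), len(distinct))
    return alerts


def detect_port_scans(lines, window=timedelta(seconds=60), threshold=8):
    return fan_out_alerts(parse_events(lines, FIREWALL_RE), window, threshold)


def detect_user_enumeration(lines, window=timedelta(seconds=60), threshold=5):
    return fan_out_alerts(parse_events(lines, AUTH_RE), window, threshold)


if __name__ == "__main__":
    print("port-scan sources:", detect_port_scans(FIREWALL_LOG))
    print("username-enumeration sources:", detect_user_enumeration(AUTH_LOG))
```

The window and threshold are the tuning knobs: the "spread enumeration out over time" evasion in Topic 5 works precisely by staying below the threshold within any one window, so a defender lengthens the window (or adds a slower, daily fan-out count) rather than relying on one short window alone.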

