What is footprinting? | Ethical hacking
Fingerprinting means gathering information about a target system that can be used to carry out a successful cyber attack. To get this information, hackers can use various methods with variant tools. This information is a hacker’s first way to crack a system. There are two types of footprints as below.
Active Footprints:
Active fingerprinting means performing fingerprinting by direct contact with the target machine.
Passive Footprints:
Passive fingerprinting involves collecting information on a system located far away from the attacker.
The different types of information that may be collected from Footprinting are:
The different types of information that may be collected from Footprinting are:
•The operating system of the target •machine
•Firewall
•IP address
•Network map
•Security configurations of the target •machine
•Email id, password
•Server configurations
•URLs
•VPN
The sources are as follows:
Social media:
Most people tend to post most of their information online. Hackers use this sensitive information as a big deal. They can create a fake account that looks like the real thing to get friends, or follow someone’s account to get their information.
JOB position:
Organizations share confidential data on many JOB sites like monsterindia.com. For example, a company posted on a website:
“Open job for Lighttpd 2.0 Server Administrator”. From here, information can be collected about whether an organization is using the Lighttpd web server version 2.0.
Google:
Search engines like Google are capable of performing many searches more efficiently than we think and do. It can be used by hackers and attackers to do something known as Google hacking. Basic search techniques combined with advanced operators can do a lot of damage. Server operators exist as “inurl:
“,”allinurl:
“,”File type:
“, et cetera.
For example, devices connected to the Internet can be found. A search string such as inurl:
“ViewerFrame?Mode=” will find public web cameras. “Link:
“The search operator that Google has, is now disabled (2017)”.
Google can be used to uncover a lot of sensitive information that should not be disclosed. There is even a term for people who blindly post this information on the internet, it is called “Google Dork”.
Social engineering:
There are many different techniques that fall into this category. Some of them are:
Eavesdropping:
The attacker tries to record the target victim’s personal conversation with the restricted person by means of communication such as telephone.
Shoulder surfing:
In this technique, the attacker tries to capture personal information like email id, password, etc. scene where the victim looks over the victim’s shoulder while the victim is typing (typing/writing) their personal data for work.
Archive.org:
The archived version is the old version of the pre-existing website and many of the website’s features have been changed. archive.org is a website that collects snapshots of all web pages at regular intervals. This website may be used to obtain information that does not currently exist but previously existed on the website.
Organization’s website:
This is the best starting point for an attacker. If an attacker wants to find open source information, i.e. information that is freely available to customers, customers or the public, the best option is simply:
“SITE OF THE ORGANIZATION”.
Using Neo Trace:
NeoTrace is a powerful tool to get path information. The graphical display shows the route between you and the remote site, including all intermediate nodes and their information. NeoTrace is a well known GUI route tracker program. In addition to the graphical route, it also displays information about each node such as IP address, contact information, and location.
Who is:
This is a website that serves a good purpose for hackers. Through this website, information about domain name, email id, domain owner, etc. ; a website can be tracked. It basically serves as a vehicle for the website’s footprint.
