CEH

(Jeff_L) #1

Using the information gathered so far, you can now transition
into the next phase: gaining access to a system. All the
information you’ve gathered up to this point has been focused
toward this goal. In this chapter, you will see how you can use information from previous
interactions to “kick down the door” of a system and carry out your goal.

After enumeration, scanning, and footprinting, you can now start your attack on the
system. If you look at the information you obtained in past phases, such as usernames,
groups, passwords, permissions, and other system details, you can see that you are attempting
to paint a picture of the victim that is as complete as is possible. The more information
you gather, the better, and the easier it is for you to locate the points that lend themselves to
attack or are most vulnerable.


Always remember as a pen tester to keep good notes about your activities
and the information you gather. This is important for numerous reasons:
You will want to present the information to your client, keep it among your
legal records, and, in this chapter, use it to help you put together the best
possible attack and assessment.

Up to This Point


Let’s take a brief look back at the previous phases to see what types of information you
have and how it carries forward to this point.


Footprinting


Footprinting is the first step in this process and simply involves gathering as much information
as you possibly can about a target. You are looking for information pertaining to the
whole organization, including technology, people, policies, facilities, network information,
and anything else that may seem useful. Footprinting helps you understand the organization,
create a profile that you can use for later stages of your attack, and plan a defensive
strategy.

Information you gather during this phase may include the following:


■ IP address ranges


■ Namespaces


■ Employee information


■ Phone numbers
