Footprinting is the first and most important step for a hacker who wants to hack a system. You might know that hackers who attempt to hack an organization without any prior information about it are called suicide hackers. Here, information means:
- Is the system live?
- Its IP address
- Geographical location
- How many security systems are defending against attacks
- How many domain names it has
- What type of Operating system they are using
- Phone numbers, email IDs, details of employee
The fine art of gathering target information is called footprinting. We can divide footprinting into two parts.
- Active Footprinting: This type covers mirroring websites, email tracking, and server verification.
  - MIRRORING WEBSITE: Here a hacker downloads all available content of a website for offline analysis, making an exact copy of the site with website mirroring tools such as Teleport Pro, iMiser, and HTTrack Website Copier. After downloading the website, the hacker looks for vulnerabilities and loopholes offline. The advantage of offline analysis is that the hacker doesn't need to take any kind of risk.
  - EMAIL TRACKING: Here a hacker examines the path along which an email was processed, that is, where the email came from, what its IP address is, and so on. To do this a hacker uses email tracking software, for example Email Tracker Pro, MSGTAG, Zendio, or PoliteMail. If someone sends you a fake email, you can use these tools to find out its IP address, its exact location, and all its other details.
  - SERVER VERIFICATION: Here a hacker finds out whether the server is reachable from his own system. That means, when a hacker wants to hack a website, he first finds out whether the system is alive, and ping is used to do this. Server verification is also used to enumerate the network path from attacker to target, that is, how many routers you pass through on the way from your own system to the target system. Tools such as Tracert, Visual Traceroute, Sam Spade, and TCR Trace Route are used for this. To check connectivity with the target, we can simply use the ping command.
- Passive Footprinting: Passive footprinting is a method in which the attacker never makes any contact with the target systems. The attacker doesn't collect information directly from the target system but from Google searches, whois queries, DNS lookups, social networking sites, etc.
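For the email tracking item above, this is an added example (not code from the original article or from any of the tools it names) of what such a tool reads when you examine a fake email you received: the Received headers, newest first. It separates hops stamped by your own mail servers, which you can trust, from hops that only the sender's side claims; the message, host names and the `own_domain` parameter are constructed assumptions.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample: documentation-range IPs and hypothetical .example hosts.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [10.0.0.5])
\tby mailstore.recipient.example with ESMTP; Tue, 02 Jan 2024 10:00:05 +0000
Received: from relay.provider.example (relay.provider.example [198.51.100.20])
\tby mx.recipient.example with ESMTP; Tue, 02 Jan 2024 10:00:03 +0000
Received: from [192.168.1.44] (unknown [203.0.113.77])
\tby relay.provider.example with ESMTPSA; Tue, 02 Jan 2024 10:00:01 +0000
From: "Support" <support@bank.example>
Subject: Verify your account

Click the link.
"""

HOP_RE = re.compile(r"from\s+(\S+)\s+\(([^)]*)\)\s+by\s+(\S+)")
IP_RE = re.compile(r"\[([0-9A-Fa-f:.]+)\]")

def parse_hops(raw):
    """Return Received hops newest-first as dicts with helo, ip and by."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP_RE.search(" ".join(value.split()))  # unfold the header
        if not m:
            continue
        helo, peer, by = m.groups()
        found = IP_RE.search(peer)
        try:
            ip = str(ipaddress.ip_address(found.group(1))) if found else None
        except ValueError:
            ip = None  # bracketed text that is not a valid address
        hops.append({"helo": helo, "ip": ip, "by": by.lower()})
    return hops

def split_by_trust(hops, own_domain):
    """Hops stamped by our own servers are verified; the rest are sender claims."""
    verified, claimed, trusted = [], [], True
    for hop in hops:
        trusted = trusted and ("." + hop["by"]).endswith("." + own_domain)
        (verified if trusted else claimed).append(hop)
    return verified, claimed

def handoff_ip(raw, own_domain):
    """IP that delivered the message to the first server we control."""
    verified, _ = split_by_trust(parse_hops(raw), own_domain)
    return verified[-1]["ip"] if verified else None
```

Everything below the hand-off hop was written by servers outside your control, so the "origin" address there is a claim rather than evidence.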
Attackers use the term Google searching or Google hacking when they try to find exploitable data or secret information through search engines or browsers. Google blocks these queries, or tries to, but the truth is that Google can't stop hackers from hacking its databases or from exposing the vulnerabilities and loopholes of hacked websites. Google hacking has its own criteria: we use specific keywords followed by a colon to target a specific site. For example: inurl:, intitle:, site:, filetype:
Using a Whois query we can learn a domain's registration date, IP address, registration expiry, the owner's name, phone number and email ID, location, and other details. Nowadays it is becoming normal to put all your information on social sites without thinking or understanding. You yourself upload information like your pet name, nickname, etc., which a hacker can easily collect from your social profile. When a hacker wants to crack the password of a social profile, he uses this information to guess the password.
Now, I think you understand the two types of footprinting, active and passive. But we can also divide these techniques into three parts, so now have a look at them.
Footprinting through the search engine:
First, understand the Google Hacking Database:
Using these, a hacker can find password files, credit card details, webcams, live capture data, login portals, and more. Two websites, ExploitDB and hackersforsecurity, have already hacked the Google Database and keep it on their servers. They've kept the database in such a structured, categorized way that anybody can easily find each piece of information in different folders. Now, let's talk about the tools.
Footprinting through Tools and Applications:
Footprinting through command prompt:
To hack a system, a hacker needs to know whether the system is alive or not. This can be done using the ping (Packet Internet Groper) command. Ping is a program that system administrators and hackers or crackers use to determine whether a specific computer is currently online and accessible. The command line is C:\>ping target, where target is the IP address or domain name.
Ping statistics for (ip)
Packets: sent - 4, received - 4, Lost - 0 (0% loss).
Approximate round trip times in milli-seconds:
Tracing route to www.google.com [2404:6800:4007:80f::2004]
over a maximum of 30 hops:
1 1 ms 1 ms 1 ms 2405:204:b107:546a:266f:bca5:853d:3794
2 * * * Request timed out.
3 96 ms 46 ms 47 ms 2405:200:312:168::2
4 62 ms 46 ms 63 ms 2405:200:801:f00::239
5 110 ms 99 ms 107 ms 2405:200:801:200::9e0
6 100 ms 98 ms 112 ms 2405:200:802:760::8
The intermediate connections we get are called hops. So I think you now understand how to use the tracert command. The last tool we're going to discuss is vTrace. In this tool, just type the domain name or IP and it will show a list of the routes through which you are connecting to the system.
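To show how the tracert output above is read, this added example (not part of the original article) parses the hop lines copied from it, marks hops that never answered, and finds where the average round-trip time rises the most. The function names are illustrative.

```python
from statistics import mean

# Hop lines copied from the tracert output shown above.
TRACE = """\
1 1 ms 1 ms 1 ms 2405:204:b107:546a:266f:bca5:853d:3794
2 * * * Request timed out.
3 96 ms 46 ms 47 ms 2405:200:312:168::2
4 62 ms 46 ms 63 ms 2405:200:801:f00::239
5 110 ms 99 ms 107 ms 2405:200:801:200::9e0
6 100 ms 98 ms 112 ms 2405:200:802:760::8
"""

def parse_trace(text):
    """Return one dict per hop: number, three RTTs in ms (None = no reply), host."""
    hops = []
    for line in text.splitlines():
        tok = line.split()
        if not tok or not tok[0].isdigit():
            continue  # header or blank line
        rtts, i = [], 1
        while len(rtts) < 3 and i < len(tok):
            if tok[i] == "*":
                rtts.append(None)
                i += 1
            else:
                rtts.append(int(tok[i].lstrip("<")))  # "<1 ms" counts as 1
                i += 2  # skip the "ms" unit
        answered = any(r is not None for r in rtts)
        hops.append({"hop": int(tok[0]), "rtts": rtts,
                     "host": " ".join(tok[i:]) if answered else None})
    return hops

def summarize(hops):
    """Return (silent hop numbers, hop with the largest rise in average RTT)."""
    silent = [h["hop"] for h in hops if h["host"] is None]
    prev, worst = None, (None, 0.0)
    for h in hops:
        vals = [r for r in h["rtts"] if r is not None]
        if not vals:
            continue  # a silent hop says nothing about latency
        avg = mean(vals)
        if prev is not None and avg - prev > worst[1]:
            worst = (h["hop"], avg - prev)
        prev = avg
    return silent, worst[0]
```

Hop 2 timing out while hops 3 to 6 still answer means that router simply does not reply to the probes; the path itself is intact.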
If you have any doubts, feel free to comment below and we'll try our best to help you. Have a nice hacking life.