It never ceases to amaze us that people’s perception of hacking is very rarely close to the reality, probably in most cases down to sensationalism and the film industry.
Films tend to paint hackers either as socially awkward geeks or as fanatical villains (such as Raoul Silva) who write an AI or build a supercomputer that can best even the most advanced security system.
The reality, however, is that hackers (and by necessity, security consultants) do not magic up solutions solely by the power of intellect. That’s not to say there aren’t some incredibly smart hackers out there; the point is that intellect isn’t enough on its own.
Hacking systems takes time, patience, organisation and planning. To do all this without leaving a trail or getting caught requires nerves of steel, attention to detail and a meticulous nature.
A great example of an activity performed on almost every target a hacker may attempt to compromise is enumeration.
What is enumeration?
According to the dictionary, enumeration is “the action of mentioning a number of things one by one”. In hacking it generally refers to gathering information about a system by querying, scanning, guessing and brute-forcing all the possibilities for a given facet.
A common example of enumeration is ‘port scanning’. When a hacker has an IP address of a device (for example a server or a computer) on a network and they have access to that network, they will often tell their computer to check if the target has ‘open ports’ on all of the 65,535 possible options. If their system finds an open port, it will then query it to try and determine what is behind it (e.g. an email server).
When targeting a web-based application, a hacker might use another script along with a ‘dictionary’ (a list of possible folder and file names) to try and see if there are any hidden but accessible files or folders they can target. The scan can try an infinite number of possibilities; the only constraint is how long the hacker will leave it running. Our consultants have on occasion been known to leave scans running for days to try and hack into a system.
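Seen from the defender's side, a dictionary scan like the one described above leaves a recognisable trail in the web server's access log: one client asking for many different paths and being told "not found" for most of them. The sketch below is an added example, not part of the original article; the log lines, IP addresses, thresholds and the function name `find_enumerators` are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample access log (Common Log Format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Mar/2024:10:00:01 +0000] "GET /admin/ HTTP/1.1" 404 153
203.0.113.7 - - [01/Mar/2024:10:00:01 +0000] "GET /backup/ HTTP/1.1" 404 153
203.0.113.7 - - [01/Mar/2024:10:00:02 +0000] "GET /old/ HTTP/1.1" 404 153
203.0.113.7 - - [01/Mar/2024:10:00:02 +0000] "GET /test/ HTTP/1.1" 404 153
203.0.113.7 - - [01/Mar/2024:10:00:03 +0000] "GET /tmp/ HTTP/1.1" 404 153
203.0.113.7 - - [01/Mar/2024:10:00:03 +0000] "GET /login HTTP/1.1" 200 2048
198.51.100.20 - - [01/Mar/2024:10:00:04 +0000] "GET / HTTP/1.1" 200 5120
198.51.100.20 - - [01/Mar/2024:10:00:05 +0000] "GET /about HTTP/1.1" 200 3072
198.51.100.20 - - [01/Mar/2024:10:00:06 +0000] "GET /favicon.ico HTTP/1.1" 404 153
192.0.2.55 - - [01/Mar/2024:10:00:07 +0000] "GET /img/logo.png HTTP/1.1" 404 153
192.0.2.55 - - [01/Mar/2024:10:00:08 +0000] "GET /img/logo.png HTTP/1.1" 404 153
192.0.2.55 - - [01/Mar/2024:10:00:09 +0000] "GET /img/logo.png HTTP/1.1" 404 153
"""

# Captures: client IP, requested path, HTTP status code.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*" (\d{3})\b')

def find_enumerators(log_text, min_distinct_paths=5, min_404_ratio=0.8):
    """Flag clients that request many distinct paths and mostly receive 404s,
    the trail a dictionary-driven file and folder scan leaves in an access log."""
    paths, total, misses = defaultdict(set), defaultdict(int), defaultdict(int)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not in the expected format
        ip, path, status = m.groups()
        paths[ip].add(path.split("?", 1)[0])  # a new query string is not a new path
        total[ip] += 1
        misses[ip] += status == "404"
    flagged = {}
    for ip, count in total.items():
        ratio = misses[ip] / count
        # Requiring distinct paths keeps one repeated broken link from being flagged.
        if len(paths[ip]) >= min_distinct_paths and ratio >= min_404_ratio:
            flagged[ip] = (len(paths[ip]), round(ratio, 2))
    return flagged

if __name__ == "__main__":
    for ip, (n, ratio) in find_enumerators(SAMPLE_LOG).items():
        print(f"{ip}: {n} distinct paths, {ratio:.0%} not found")
```

The thresholds are starting points, not recommendations; a scan left running slowly for days, as described above, needs a longer counting window than a single log excerpt.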
Once a hacker has performed multiple passes of enumeration (often a lot of enumeration), they have additional information on the next steps of the hack. Often they will be looking to have usernames, services running on target systems, open ports, software and version info, etc.