Many people believe that hacking is a simple process. Someone hands you a silver bullet and you own the system! That is far from the truth. Hacking is a slow, methodical and sometimes tedious process. You have to do your "homework" to be successful.
The hacking process generally is depicted as a multi-step process. Here is how I see it.
- Passive Reconnaissance
- Active Reconnaissance
- Footprinting and Enumeration
- Escalating Privileges
- Cover your Tracks
Most want to focus on Step 4, but you have to do Steps 1-3, if you expect to have any success in Step 4. You must then do Step 5 to escalate your privileges to "root" or "sysadmin" that would give you unlimited access and power over the system. Finally, you need to do Step 6, if you don't want to get caught.