New but not a total n00b

Started by OzYriz, July 07, 2005, 06:02:21 PM

Hey everyone,

I notice you guys are very helpful to new folks askin questions or advice so I thought I'd give it a shot.  I'll apologize upfront: I have a lot of ?'s and will prob ask at least half of them in this one post.

I'll start off: I'm not "completely" new to all this, I just know enough to get myself in trouble but not accomplish anything.  My area of interest is network penetration (sounds like sexual assault of a router, doesn't it?). Don't get me wrong, I don't intend on cracking for illegal purposes, or to destroy anything.

I am already a tiny bit informed on port sniffing, basic info gathering, and social engineering (not going to be my strong point knowing my personality), and of course the deadly port scans.  When I say a tiny bit informed I understand their basic functions and that's about it.  Which is amazing 'cause I've been reading this and that on hacking since the great old days of the 2 node Renegade BBS systems.  It just seems that the info never ties together in those how-tos and guides to this and that.

I know I'm gonna have to move over to Linux to have the maneuverability I'll need OS-wise, and have a PC slotted just for such as soon as I can get an answer on which distro would be best to use.

Well I guess I'll leave it at that for now.

Looks like a good start.
Godaigo
All's fair in Love and Brewing.

Was there a question or are you just introducing yourself ?

Welcome either way.
"My Terminal is my Soul"

Sorry, I tend to be a bit vague at times.  I am basically asking what should my next steps be to get a better understanding on the subject, and learn to carry out full hacks from start to finish.  It seems every guide and such only gives bits and pieces of information that I am having trouble putting together.  Also any networks you know of that allow users to attempt to hack them would be nice, as well as your recommendations for software, utilities and such would be greatly valued.


* Also I am having trouble deciding on a Linux distro. I've been thinking 'bout Ubuntu, any thoughts? (I'm installing Linux sometime tonight)
:D

Firstly, for the question of what distro.

I think it largely depends on who you are and what you want.

I personally prefer Gentoo since it compiles everything from scratch (or not if you prefer -- you can basically choose different steps from most every place in the install). This makes it possible to optimize things more, and results in a faster system. The only downside is it takes a while to install.

Some others like SuSE.. some like Fedora Core.. some like Slackware, etc.

Another thought is BSD (Freebsd.org for instance). That's not linux but it's still unix based.

I can't mention what I think of the one you mentioned, since I am not familiar with it.

About the steps for exploitation....

It usually is going to vary but the general idea is this:

- Figure out who your target is.
- Research it. Really research it. You don't want to be fooled by the system and fail, or worse get trapped (or busted).
- Research includes finding out which services it runs, what OS etc.
- After that, you can either search for an exploit or make your own if you can.

And just go from there.

But above all.. make sure what you're doing is legal. Nothing would suck more than to get busted for trying to learn.

About what you can do next.. I'd suggest learn the OS you're about to install. Know it well. Read, experiment, etc. If you're serious, learning to code (May I suggest C ?) might be very valuable to you as well. And keep at it :)

Hope that helps. If not let us know.

"My Terminal is my Soul"

Thank you very much, that will give me a good start.  I hope you won't mind if I have other questions along the way.  ;D

No prob. And feel free to ask other questions.

"My Terminal is my Soul"

July 10, 2005, 09:02:37 PM #7 Last Edit: July 10, 2005, 10:22:52 PM by OzYriz
Well I decided on Mandriva (Mandrake) for my distro. I've used Red Hat before and am already impressed with the difference in the quality of the distro.  It's user friendly enough to get to learn moving through the unix filesystem and such.  I am however planning on moving to FreeBSD after I get a bit more familiar with the *nix OS. By the way, is it absolutely required that you use linux to get the maneuverability you need for network penetration or can you just use a shell account?

*I found a server open for attempted hacks, would it be too much to ask for you guys to walk through the steps with me? I don't mind if it takes a while, I'm in no hurry, brains can only absorb so much at a time anywho.

:P

Also if you guys could make me a program (toolz) list of everything I will need to start out I would greatly appreciate it.  And both win32 and linux toolz as I'm gonna try to learn to work from both although I understand some things will have to be done under linux. i.e.... Netcat

netcat is pretty nice

so is nmap

check out www.insecure.org/nmap

also, I would suggest you get into coding (C). And gcc (the GNU compiler collection) should already be on your system.

As for walking you through.. kind of hard to do without more info. And like I said, it always varies... depending on some things.

Like what kind of OS.. what hardware (at times), what services (web [http] ? ftp ? ssh ? etc)

Once you have that info, it's just a matter of finding a vulnerability... and exploiting it. It's not that simple always but that's the idea.

As for shell versus your own box. Look at it this way:

On your own box you have root and permission to do whatever you like on that box. I doubt you have root on your shell account somewhere. So it's really not the easiest. Plus if you do things that are illegit, then the admin might be really upset (I know if I had someone on my box and they were doing things related to this I'd be quite pissed at them, whether it was legal or not actually).

but root is really quite useful, so I'd suggest you have your own system -- especially when learning the OS.

Does this help some more ?

Oh and do check out nmap ... it's quite extensive. In fact that whole website has quite a few useful tools listed elsewhere.


"My Terminal is my Soul"

Sorry, I am still laughing at 2 things.

First thing .. Mandrake.. Dood, mandrake is muck! Mandrake seems to be dedicated to hiding what linux is all about and turning it more into a windows system. It is basically Windows for companies that want to use Linux on their client machines.. Because it is SO user-friendly everyone can use it.. however.. they have destroyed the OS by doing this.

The other thing I was chuckling at was that you are then going to do a swap from Mandrake to FreeBSD .. Man that is going to be a sharp smack in the face for you.

So now I have slagged the hell outta ya .. I will give some constructive advice..

I personally use Fedora, but then I have been using RedHat since the VERY early days. Although I will admit Fedora does have some shite problems. As much as I don't really like it, I would suggest using Gentoo. It gives you a bit more of a hands on approach.

As for tools (z) and shit, I believe insecure.org have a list of Top 20 tools or somin like that. Also www.net-security.org and www.securityfocus.com have lists of tools and their description. Also on Security Focus they have possibly the net's largest exploit/vulnerability database. Which you will find comes in handy.


In terms of steps to rooting a server "step by step" I suggest you start by gathering some information on the server and the admin.


1.) You can use Nmap that Metty suggested to do port scans, get a guess of OS among a host of other options.

2.) What I tend to do then is a whois on the domain name and see if there is information available on the admin of the server or the owner of the domain at least.

3.) Check if they are hosted on a web farm, or if they are hosting on their home connection.
If they are hosted at home, find out who provides their broadband. You can do this the hard way or the easy way. Easy way is Social Engineering .. and just ask! This could have more of an impact than you might think.

4.) Social Engineer the admin if you want, find out if he admins other servers, if he does then do scans and checks on them as well. This will help you find any patterns in the admin's security.

5.) You'll want to do version scans on ports to try and find what type of software service is running, i.e. what FTP server, HTTP server etc..

If you can not get a service name, then you will be able to make an educated guess.. perhaps doing some Banner Grabbing (connecting to the port and seeing what it returns, 9 times out of 10 it will return the software name by default).

6.) Once you know the service version you need to find out configuration for that service, known exploits for that service, EVERYTHING you can possibly find out about it.

From there you can muscle your way in..


NOTE::!! This is just a VERY patchy description as to a method, and it is only ONE possible method. But as you said this is a server free for hacking, then you do not need to worry about protecting your own ass. HOWEVER!! If you use these methods and go in all guns blazing in a real environment then be prepared to get caught. haha...

You will need to fill the holes in yourself.. I'm at work and don't have the time.


OH! P.S.: Web Applications, this is a very easy way of finding a vulnerability. During the process of writing my paper on Black Box testing Web Applications, I found COUNTLESS sites' Web Apps that were left WIDE open to attack.

Good Luck!
I am not suffering with insanity... I am loving every minute of it.

Cobra, I must thank you for your post.  It really shoots me in the right direction, putting together a lot of the things I already know how to do. Just in a logical order.  And don't worry about the mandrake stuff, everyone needs to get slapped into line every once in a while.  So if I'm really interested in learning and using FreeBSD should I start off with that (I don't mind reformatting and installing a bit)?

And I'll get started collecting the above mentioned info tonight, and will get back with it in a day or two.

And again guys, I appreciate all your help, you're the best.


Depends on what you really want ....

I don't know much about mandrake (must admit I don't want to either :)). Something tells me also a bit GUI oriented or at least focused on those who are lazy or who want it easy.

I am not saying that's you, I don't even know if the above is true, but just thinking it's probably something like that.

But one thing.... do not avoid the shell. It's what you need to learn to use linux. No questions asked. Besides, I often see myself getting things done much quicker with a command or two than going through in a windowing environment.

The OS is up to you..what works for you, but if it does kind of hide things, then I don't know why anyone would want to use it ...

Gentoo is awesome. And as Cobby said, it is hands on... but it's really up to you. BSD is pretty cool too, and it's rock solid.

No one can tell you what OS to use, but some OS's will be more beneficial to learn than others (kind of like learning English in this world is more beneficial than learning some other less often used language).

I'm kind of in the middle of something too and have been out of it lately, but hopefully this made some sense and was of help.

"My Terminal is my Soul"

Well! I'm horribly offended! I've used Mandrake for years!  ;) Nah... just kidding. Actually I did use Mandrake for a long time, just because it was easy and it is basically a nice GUI, and they leave out a lot of the nice tools and features of Linux. All in all it's great for someone who doesn't want to get their hands dirty. It sounds like you "do" want to get your hands dirty though, so definitely go with Gentoo (I haven't used it but I've heard too many great things to discount it) or maybe just jump straight into BSD (after research!). Either way I think that you're on the right track! Good luck!
Godaigo
All's fair in Love and Brewing.

I'd suggest diving straight into BSD if that is what you ultimately want to use. Be prepared to make mistakes in setting up your BSD machine.. There is LOADS of documentation online that will help you through the install process and also you can post any questions here.

Just be careful when BSD doesn't detect your monitor and you need to add your H & V Sync rates, get this wrong and you might be seeing a fireworks display :P haha

You'll have to do a lot of googling on that one. However you could be one of the lucky ones and BSD detects everything for you. I have yet to see it happen, but ya never know :)

I am not suffering with insanity... I am loving every minute of it.

I re-read my post and it should have been "but" they leave out a lot of good tools, not "and" they leave them out! We want the tools! Cobby, and everyone else, have any of you played with the 64 bit BSD's, any recommendations? I've finally decided to take the plunge myself and sometime this weekend will be moving from Linux to BSD. What are everyone's favorite flavors? Oh and one more question, does the 32 bit flavor work fine with the 64 bit chips? I assume so, but I know that BSD can be more finicky than Linux as well as more powerful. Thanks for the input!
Godaigo
All's fair in Love and Brewing.
