Greetings, I'm having some issues if it comes to getting into a system / server. I know it's a easy task if the system hasn't been updated for ages and runs old software. But what do you do when you want to hack a person's pc thousand miles away with a updated Linux / windows OS. or maybe a bank website which has real good security and has been updated good. I know in these cases metasploit wont work since the exploits has been updated, (right?) Lets leave out the social engineering part of "Sending a email with a reverse shell in it " . If you could share your experience on how you got into the hardest systems, that be great!
For me this is pure for education purposes since hacking just fascinates me. When i was just 8 years old i wanted to know how people hack that and hacked this, but now that i got the age with me and the dedication / discipline to actually learn it, its gonna be way better and funnier:)
5 Responses
First thing someone would need to do is recon. Recon is 80% of any hack. For hacking one person its a lot easier to assume they have everything updated if they know what they're doing, but corporations do not always update their systems for many reasons (update is unstable, older hardware not supported, just don't care) so its foolish to assume that a company's are updated just because they are a company.
For your question of what I would do if the system is fully patched, unfortunately, would probably be social engineering. Its a lot easier to trick an employee into downloading malware than it is to find a zero day. I don't know how old you are but in the corporate world, not many employees care about their company's data unless its their job to. Most employees just show up, do their job, and go home. That is why social engineering is becoming so popular.
If you are really interested in cyber security and want to know more about what social engineering can accomplish, watch some Def Con panels. Here are a couple good ones from the last one.
First of all, thank you for responding. The information you gave me sure does help, I've been learning alot and know how to recon good. But i never did any exploits just because i still dont feel comfortable with the hacks and leaving no evidence behind, after all... How can you learn if u are locked up behind bars hehe..I will be checking the video's you posted tonight :) If you have anything else to share with me, i have my ears wide open to listen !
If you haven't already, you could set yourself up with a lab for a safe and legal hacking environment, and that way you could check for yourself what kinds of evidence you're leaving behind and learn how to erase it or avoid leaving it in the first place(since you'll be hacking yourself). There's lots of info on setting up a lab if you search. Also, again, if you haven't, look for sites like this: https://www.vulnhub.com/ where you'll find pre-configured vulnerable systems for you to practice on. You'll need to know how to use virtual machines with virtualization software like vmware player, or virtualbox. It's worth noting, on the site linked above, you can read other peoples walkthroughs on how they completed their hacks... from start to finish.
You should probably check out Linux commands. They're useful for connecting to sites or servers.
Study Linux, Kali Linux, and the 5 steps of a hack. Really it's hard to tell you where to go since there are just so many individual paths for you to take.
-->Just AWESOME<--
AND
-->Same Guy; Same awesomness ;)<--
Read this for a step by step guide how real dudes hack into big systems :)
Share Your Thoughts