So im in class 12 and one of founding members or our school's tech club. We are holding a series of competitions for which we will have an inaugration. So I was thinking that during the inaugration there will be judges and students present and it wud be the perfect time to hold out a workshop on hacking for making them aware...
Can u help me out holding it cause im not that of a pro and have learnt everything from this holybible website.. ( I love wonderhowto nullbyte)..
Ive not learnt everything... but some basics in metasploit and wifi hacking...
So I was thinking of hacking our judges or teachers or studenta mobile or anything else.. please suggest me what to do... ill be really grateful
22 Responses
you could make a phising site. trick the judges into typing their password and username to a site. And there you go, the password will be send to your email. It's proberly the esiest social Engineering that i know.
your welcome :)
Long ago, a pentester eavesdropped on a computer in the LAN of the school revealing employees not doing their job.
But I don't think that's the case. Hacking people's mobile as a competition? There won't be much variability, and definetely won't be funny (neither easy, as you know you need to be very highlevel to do that in an innovative way)... Aldo difficult to organize in practice!
You could setup a chain of vulnerabile services (like metasploitable) and see who is faster, adding some levels of difficulty and them at the end ad a conclusione showing all the differenti ways you could compromise the environment. However, you should tell us more about the skill level of your companions.
Personally, I don't like competitions. Try to do something all together, like working on code or presenting each one a differenti topic about hacking.
There are no companions... just me... there are like 5 people in the school that know that kali is an os... and neither of em know about it..
So its just me...
For the mobile... I was thinking just asking them to install the app and tell em that someone can make em install the app via social engeneering...
And yea I like hacker1 idea but we dont have a wifi or internet in school that the principal will let me access so it has to be offline...
CIUFFY yea I see wjat ur saying but considering my school doesnt know really less about these matters .. they r just facebookers....
So something easy and cool maybe wud be really helpful...
And if u cud point me to a tutorial for doing the required... ill be realllyyyyy grateful...
THANK U VERY MUCH... I LOVE THIS COMMUNITY
Glad you are excited about Null Byte ^^"
Are you like, trying to setup a stand and demonstrate hacking to people? Well, there's plenty of stuff vere you could think of.
Look for something easy but impressive! Some tools are built just to demonstrate how easy hacking is, like Subterfuge. Bring some computers and an ap or a mobile with LTE hotspot and show them a MITM, trying to explain techniques, tools, specific terms and security and morale issues.
Just remember that you are helping security awareness to grow, not trying to look cool, so show them how their usual superficial behavior may be harmful for them, that would be impressive ;-)
Yea I know im helping security issues awareness... but trust me if I dont look cool... theyll not listen to me and theyll just be sitting making lame even dirty comments (lol)... and trust me what im saying is true cause ive experienced it around me when I was in workshop...
But for mitm and all u need internet right... but we dont have internet and lte is really slow where my school is... there is like almost no connectivity there...
So ill have to stck to offline... as far as I know right now I can only do a phone hack using payload.... can u tell me anything else can I do?? (Cool wud be helpful but anything helps just fine too :) )
Thank u very much ;);)!!
Don't hack to "look cool." I personally think that makes someone a script kiddies with no ethical intentions. It degrades the definition of "hacker."
If you don't have WiFi, you could connect computers via Ethernet cables. That way you can still hack them, but it will just be a bit difficult. As for mobile hacking, there's this unstable, vulnerable service called Bluetooth. ;)
I thought hacking Bluetooth was something kids like me did years ago on symbian phones? :P
Now serious: does bluetooth hacking still work?
Yes, because it's still working like those days. Too bad still exists.
I like your initiative... as Indian schools need it....
how will be the idea to make some crackers with python or something, if you are saying you have to be offline...
as much I know about your school(from your saying) it must be not-so-high level.....
Cracker hacker.. I dont want to look cool... im just saying that if the things I perform on the stage dont look cool a little bit... the students will not pay even a little attention... thus making the whole idea of the workshop ineffective...
Shadow india and cracker hacker... if u cud point me to some tutorials for the same id be really helpful... or atleast poimt me to a place to start... ill work my way from there.
Thank u for ur help and time!!! ;);)
"The applaude of the artists is more worth to you, than that of the great masses." - Robert Schumann
What we are trying to say is that this is not a game. You don't have to amaze, you have to warn. My best guess is still going for Subterfuge in LAN. But if you have a so not-caring "mass" then praftical exploitation and compromization of a system is too long and requires volounteers.
Most won't even know what a shell is! You are looking for password cracking. You can't appreciate art if you don't know the rules. People are selsfish and will care only If it's about their security and private data.
Still remember your post on Subterfuge. Was like a year ago ....
Time flies.... ah .....
Hacking isn't meant to make you look cool, it even looks boring when movies crack passwords using gemoetric shapes. It's just fun when you know what you're doing.
I think that if you can get a Wireless AP (or a mobile phone with that can become a wifi hotspot, as mine does) connected to the internet, you could make a small wordlist containing it's password, crack it with Wifite (it has colours, amazing!), and then start capturing traffic with Wireshark.
Then, use another computer connected to that network to navigate to some unencrypted URLs, then stop the capture, File > Export Objects > HTTP, save all the objects, and then show them how easily someone could see what they're doing if they're not using a VPN, at least.
Is that the kind of show you'd like to show them?
Or try to strip HTTPS with SSLStrip+/2 to show that "secure" isn't that secure (doesn't always work anyway).
" 'Secure' isn't in my vocabulary." - Random person who's name I forgot.
I totally get what ur saying.. I myself dont want to look cool... what im saying is that if it doesnt amaze then... they wont pay attention... and if they wont pay attention.. then their is no point even in doing the workshops right??
What I want to show them is real basic... like if u sit in a cafe and use wifi ur vulnerable... if u open links and install apps from unknown source ur vulnerable... tell em a little about social engeneering consequences...
After reading ur suggestions.. what ive finalized is -
I know about this stuff
This one I dont know how to do so and need help :)
I dont know how to do this too and need help for this ;)
THANK U ALL FOR UR TIME ;);) !!
I have made a tutorial just for the social engineering part you need help with. It will help you do exactly as you want. As for making your laptop an access point, you'll want to use Mana or Arial to create an evil twin. (Spoilers...)
Thank u everyone!! I love u all!!!
Really appreciate all of ur help!!
You will need infographics, power point, 15 foot fast fold, laptop(s), AP and projection. The ability to explain in detail your findings and method(s) to trigger said issue(s). Also you will need to explain how to patch or counter the threat(s) if possible.
DO NOT breach the school's network without written permission, even if it is for good.
C|H of 43 33 made a post on mitmf is good one.
Social engineering is the most relevant since it crosses all areas of life daily. And even the non tech can benefit from the lesson.
Any topic you understand and can project to the audience. You could extrapolate trends in malware and methods of infection etc.
Yea lol im not gonna breach the school... Im not that advanced and their is nothing to breach in the school lool...
So ill setup a projector and my laptop with kali...
Hack a phone... show a fake fb page... hack phone again with twin ap...
Voila!!
Thank u all!!
cracker... thank you so much... I needed that tut... on social engineering
You're welcome! :)
Share Your Thoughts