I have been reading here on Null Byte for a while now and I will admit I am as green as a greenhorn can be. I only recently started using Linux and had to find my way around a command line interface using YouTube tutorials and many texts here on NB. I started playing HackNet awhile ago and totally loved it! I know it over simplified by a lot but did get my interests up even more. See this post as my personal introduction to the NB community; dlagel says HI!
I have always had an interest in security and penetration testing; finding ways into abandoned buildings as a kid, lock-picking a few years ago and more recently that shifted to the digital realm.
My goal for now? I want to see how vulnerable I myself am to hackers. If I can hack my own machines; I know I gotta step up the security a notch. I want to hack my own old machine and try to connect to my WiFi by any means other than tying in the passphrase.
If I am able to "hack" my WiFi I will assume anyone can.
What I have done so far:
- Downloaded Kali from the makers website and verified the hashes. Legit.
- Enabled virtualization on my laptop, got an OracleVM set up and installed Kali (PS: recommended 8GB of disk will result in FAILURE! Take 20 or so ;)
- Got myself a second laptop (running Vista) as victim machine that's connected to the same WiFi (just my own, regular, everyday-use home WiFi)
- Done some nmap, found multiple devices on the network and found my target machine.
And that is basically where I am at. I've been unable to find which services are behind these ports, let alone find a usable vulnerability. There are a lot of helpful tuts here and elsewhere but none of them are, of course, a simple 100% copy-paste it seems.
Currently I am trying to figure out all these hundreds of parameters and options of nmap alone, I'm truly just scratching the tip of an immense iceberg. Man what a journey I got ahead! Its both a challenge and at the same time almost demotivating so much I have to learn but I hope to find some community support and a new hobby might grow bigger every day!
I'm not going to ask for you to hold my hand but if you guys can throw usefull links my way I will do the research and take it from there.
Thank you for taking the time to read this large post; I'm going to play around in Kali a bit more!
6 Responses
Sounds nice :) keep it up bro!
Staffbyte_
There is nothing to throw at you, because we do not know your intentions and what you want to accomplish. The best thing a newbie hacker can do, is find his own path and learn it in his own way.
Of course you are still welcome to ask when in doubt, but be willing to put in the work needed when and if necessary.
Hi, i also like Hacknet, ...the next step is to find any vulnerability, or create one:
To create one vuln i recomend to you get some man about man in the middle and go for it (app is Bettercap or Burpsuite)
To exploit a vuln:
root@kali:~# nmap -PN -T4 -p139,445 -n -v –-script=smb-check-vulns –script-args safe=1 192.168.0.1-254
(+info https://nmap.org/book/man-nse.html )
msf> search <vulon finded with nmap-nse>
i like more using Armitage, it has too the msf console plus a nice visual representation of hosts and more.
Keep going on that, after discovered a hole just place a backdoor (like putty or netcat).
www.cybrary.it
The Hack Like a Pro series by OTW
https://null-byte.wonderhowto.com/how-to/hack-like-pro-hack-web-apps-part-1-getting-started-0159914/
http://www.infosecinstitute.com/
https://www.skillset.com/home
You should also learn Some Programming Languages to create you own tools.
Welcome to Null Byte, D Lagel. If you are in doubt or encounter any complications you are always free to ask for guidance, doing so in a cordial manner.
There is no need to overwhelm yourself with the convoluted nature of nmap. I started a series that will eventually divulge the tool in its entirety, starting from level zero. Hopefully you will find it useful.
Have a great stay.
TRT
You're only scraping the tip of the ice burg by learning linux. If you have not learned windows already you should, as in the command line and other aspects of it.
I know linux to a degree, though i'm no expert. Now it is time to learn windows, I do not know the command line well aside from the very similar directory traversing commands it has compared to linux.
There is much to learn, and you will be spending hours learning just a few things. It is up to you to find out which direction you go in, not somebody elses. This also means it is up to you (mostly) to find out the information you need. We and others are here just to help guide, were you are the one who drives down the this long road.
Share Your Thoughts