Hello,
I have been using backtrack/kali on and off since BTR3 I think it was. I originally used it only to crack WEPs. I looked into WPA2 and determined that because most people now use complex passwords it just wasn't worth pursuing a dictionary attack.
By the time I discovered reaver it seemed that most of the routers around me were patched. Although I understand it in theory, I have never been able to use it successfully. I had fun playing around with mitm attacks and using the mitmf framework. I found that although combining beef and mitmf works well against outdated browsers, it is rendered useless against Chrome or advanced browsers. Do we have any attacks that work well against Chrome?
Last year I developed an interest in the exploitation side of things so I learned nmap, hping3, metasploit, AV evasion, and the basics of netcat, OpenVAS, and THC-Hydra. I found that OpenVAS rarely gave me any useful info. Do you guys have different results? I also couldn't really get THC-Hydra to work on my router, even after following the various guides here.
Recently I decided to learn Linux and got through the 25 part series here on null-byte.
Looking back I am curious to hear what you guys think is the optimal hacker's progression. What do you think I should learn more about? Obviously there is still tons more out there for me.
Despite viewing almost all of the recon tutorials on this site, I feel that I know how to do recon on a server, but not so much on a personal computer. Metasploit is great and full of exploits, but without knowing which will work on a computer, they don't do much good. I have tried using nmap to query the service and version but it frequently doesn't retrieve any info. I have avoided Maltego and some of the others because they offer a limited number of scans / cost money.
Thanks for any help/suggestions!
P.S. I have briefly touched on Database work (SQL Injection) and from my research determined that most sites are now patched. The cost benefit analysis of learning that skill makes me think it isn't worth learning.
10 Responses
You could develop your own exploits... learn that
Or try to make it a mission to hack family members and then warn them about it... it'll be challenging...
And last but not least... search... tinker and play with stuff you are not able to do... play with it until you get it right or get better at it than others!! ;);)
Good luck and have fun!! ;);)
Developing my own exploit... funny, I have that series open in another tab actually. I also want to figure out the "Hacks Behind Cracking" series.
haha I like all of the winky faces. Will do. I got a reverse shell on one family member's computer already. I guess that means tinkering with THC-Hydra more. I have spent hours trying to figure that tool out and just cannot get it to work properly.
It's not complete, that series... you may have to go google ;);)
1 family member is not enough... I mean he/she could be the easiest one... get 'em all!! ;);)
Kudos for that alone :)
I don't think I'm qualified to answer your question, but I do want to chime in to say that you seem to be doing everything right and are on a pretty solid path.
Maybe step away from hacking tools and start learning a programming language? Python, etc.? If you get good enough, you can build your own tools or augment existing tools to fit your specific needs.
For my part, I'm in a situation right now where I really wish I knew more about networking and what a system/network administrator sees and tools they use.
Thank you. Yeah it took a while to get through and I am sure that I don't remember it all, but it did vastly increase my knowledge of Linux. Before I was kinda just blindly stumbling through Kali, but now I believe that I have a good feel for it.
I have learned Java, C, and C++ but that's about it (plus I am no master of those languages). Do you think that Python and Ruby are really essential to learn?
I agree that those are important to learn. I haven't explored those at all.
Any knowledge is helpful; but Python and Ruby are used quite often.
As for the "more sophisticated passwords" bit. Eh, not from what I've encountered. Even the passwords that have prerequisites retain similarities.
ghost_
Guess I'll have to learn a new language! Will take that into account. I was just thinking, are there any tutorials on creating an auto-running "infected" usb drive?
USB rubber ducky.
ghost_
Maybe try making your own... with autorun.inf file??
I considered this. I just want to figure out how to make the file open without the open file warning. Not sure that this is possible though.