HACKING LESSONS FOR BEGINNNERS PART 2
==========================================================
OK there are a few tutorials, but what I want to do here is try to provide a complete basic overview to refer you to all the main aspects of hacking, and not random crap, stuff that will actually teach you in a structure. I'll presume you have little to no experience and try to point you in the right direction - feel free to ask questions and give feedback.
more info about hacking here
Obviously you need a good understanding in computing, different operating systems, different server types, networking and so on. Something you really want to also get to grips with is IP/TCP/UDP so I'll refer you to a link here
Reconnaissance/Information gathering:
The first, and often most overlooked part of hacking is reconnaissance/information gathering. Lazy or noobs will often do little to non of this at all which often leads to getting caught, a failed hack, creating more hard work for themselves or generally missed opportunities. This is often described as foot printing, blue printing and just information gathering. So there are many things you want to look for. For instance information about the company, employees, systems, partners/associates and more and it's useful for many reasons. Mainly finding your best approach/weaknesses and something we'll come onto later, social engineering.
A good tutorial is here
Scanning
The next section is scanning, that is, scanning the port/services on your target either across the WAN or LAN, this helps identify the points of entry, map out the network and more. This i when you start to realize why the reconnaissance helps and the IP/TCP/UDP knowledge comes into play. For instance, if you scan the ports of a target and they have TCP ports 21 (FTP), 23 (TELNET), 3389 (RDP) open. That is 3 potential access points... for more information on scanning, click here
Gaining/maintaining access:
Once you've done your reconnaissance, foot printed, scanned the system and mapped out the network/determined the services you now want to find a way to access the systems. This is done in many ways, and differentiates dependent on the network, servers, weaknesses and so on. For example, you may want to hack into a web server but while that could be secure you find it's integrated with a vulnerable back end database and access it that way. Once you're in a system(s) you want to stay there by creating back doors and so on, the idea is, you've made all this effort so ensure you can access the system(s) in the future. More info here and here
Covering tracks
Obviously doing everything you've done, the last thing you want is to get caught. You can take steps when entering systems such as proxies, spoofed IP's, public systems and so on. But after you've gained access, often a part of maintaining access is covering tracks and hiding the fact you was ever their, from editing/deleting logs/registries and so on.
Programming
Contrary to belief at first you do not need to be able to program, it helps don't get me wrong but there are so many tools out their for you, at the beginning stages it isn't necessary. The main reasons for a hacker programming is to write their own tools for exploits/viruses etc and tools. This is when really for when you become more advanced and the tools/resources available to you just don't cut the mustard anymore. Personally (despite me coding in different languages) I would recommend C++ despite whether you're new to programming. It's generally the most overall useful and robust language and great for hacking. But try not to concentrate on this at the minute this is way down the line.
Social Engineering
In my experienced, this is one of, if not the most important aspect/skill in hacking. In a nut shell it is a way for you to gain information on people and/or organizations which you wouldn't normally have access to for your own sinister reasons. I could tell you stories as long as Santa's list regarding social engineering and trust me, please, it's the most powerful tool you'll ever have. More info here
Further reading
A nice overview course (while a little outdated and pretentious) have a look at this torrent it's the videos etc of a C|EH course
NOTE:
This is in NO WAY a complete tutorial, it is simply a guide to try and point you in the right directions to progressively aid you in learning the fundamentals of hacking! so don't give me any shit or I will pimp slap you.
Hope you enjoyed people!& Also Like It Please Comment Below....
0 comments:
Post a Comment