The Ultimate Guide to Hacking for Beginners
In popular media, hackers are portrayed as villainous characters who illegally gain access to computer systems and networks. In truth, a hacker is simply someone who has a vast understanding of computer systems and networks. Some hackers (called black hats) do use their skills for unethical purposes, or just for the challenge. White hat hackers use their skills to solve problems, strengthen security systems, catch criminals, and fix vulnerabilities. Even if you have no intention of hacking, it's good to know how hackers operate to avoid becoming a target. If you're ready to dive in and learn the art of hacking, we'll give you tips to get started.
Things You Should Know
  • Learn advanced Google search tricks to find hidden files, exploitable systems, and deep web data.
  • Hackers use enumeration to find open ports, usernames, IP addresses, hostnames, and other details to find vulnerabilities in networks and systems.
  • You can use a port scanning tool like Nmap or Angry IP Scanner to find open ports on target systems.

Building Skills

Understand what hacking is. Hacking refers to various techniques used to gain access to or compromise computers, smartphones, or entire networks by identifying and exploiting security weaknesses. Hacking involves a variety of specialized skills, most of which are very technical. Others are more psychological. Despite how hackers are depicted in popular culture, hacking is not inherently bad. Hackers are simply people who are skilled in technology and like to solve problems, identify security weaknesses, and overcome limitations. You can use your skills as a hacker to find solutions to problems, or you can use your skills to create problems and engage in illegal activity.
  • Warning: Gaining access to computers that don't belong to you is illegal. If you choose to use your hacking skills for such purposes, be aware that there are other hackers out there who use their skills for good (they are called white hat hackers). Some get paid big bucks to go after bad hackers (black hat hackers). If they go after you, you will get caught.

Learn advanced Google tricks to access the deep web. If you are going to hack, you'll need to know how to use the internet. Not just how to use a web browser, but also how to access the deep web. The deep web (which is different than the dark web) is everything on the internet that's not indexed by Google, including private documents and photos, username and password lists, exposed personal information, unprotected directories, and even susceptible web servers.
  • Google "Dorking" is an advanced search technique used to find information that's been accidentally shared on the internet (basically, the "accidental" deep web). This running list of Google Dorks is a great place to find queries that expose all sorts of private info. Try searching for some of these queries to see what information you can find with Google Dorks.
  • Google indexes many different file types, not just websites. You can search Google for PDFs, Excel spreadsheets, source code, and more using the "filetype:" search operator.
  • Learning the best ways to Google a person will be helpful for the social aspects of hacking.

Install a Unix-based operating system and learn how to use it. Many operating systems are based on Unix, with the most popular being Linux. Many web servers on the internet are Unix-based, so understanding Unix commands is crucial if you want to try hacking web servers. There are many different distributions of Unix and Linux. The most popular Linux distribution is Ubuntu, which you can easily install as your primary operating system or in a virtual machine. You can also dual boot Windows and Ubuntu.

Learn how to code. Learning a programming language might take time, so you need to be patient. Focus on learning to think like a programmer instead of learning individual languages. Focus on similar concepts in all programming languages.
  • Learning HTML and JavaScript ensures that not only can you create websites from scratch, but you'll also learn how to hack the majority of web-based applications. JavaScript makes it easy to manipulate HTML to do just about anything.
  • Python is a popular object-oriented scripting language that can be used to automate repetitive tasks. Python has plenty of free libraries hackers can use to discover exploits and create hacking scripts. Python developers are also in high demand, so learning this scripting language would be a great choice if you want to start a career in ethical hacking.
  • C and C++ are used to develop everything from applications to entire operating systems. Learning C and C++ can be tricky, but it'll give you a great foundation for learning other programming languages. You'll also learn something very important in hacking: how memory works.
  • Learning PHP will be valuable if you want to hack websites and web-based applications. This server-side scripting language is often used by content management systems (CMS), which are incredibly common on the internet.

Stay in the loop. To be a successful hacker, you'll need to know about the latest exploits and security vulnerabilities. Some websites to follow:
  • ExploitDB
  • https://www.cisa.gov/news-events/cybersecurity-advisories
  • US National Vulnerability Database
  • Full Disclosure mailing list
  • Internet Storm Center
  • Reddit /r/hacking

Hacking

Secure your machine first. To hack, you need a system to practice your hacking skills. However, make sure you have the authorization to attack your target. You can either attack your own network, ask for written permission, or set up your laboratory with virtual machines. Attacking a system without permission, no matter its content, is illegal and will get you in trouble. Boot2root are systems specifically designed to be hacked. You can download these systems at https://www.vulnhub.com and install them using virtual machine software. You can practice hacking these systems.

Know your target. The process of gathering information about your target is known as enumeration. The goal is to establish an active connection with the target and find vulnerabilities that can be used to further exploit the system. To do this, you'll need to identify network hosts, open ports, users, and other details that are potentially exploitable. You can use enumeration to discover:
  • Open ports
  • Applications and protocols
  • Valid usernames (your advanced Googling skills will help you here)
  • IP routing tables
  • Hostnames and IP addresses
  • Network infrastructure details
  • Network shares and services
  • Service settings and audit configurations

Test the target. Can you reach the remote system? While you can use the ping utility (which is included in most operating systems) to see if the target is active, you cannot always trust the results — it relies on the ICMP protocol, which can be easily shut off by paranoid system administrators.

Run a scan of the ports. You can use a network scanner to run a port scan. This will show you which ports are open on the machine, identify the OS, and can even tell you what type of firewall or router they are using so you can plan a course of action.
  • Port-scanning tools like Nmap, Netcat, and Angry IP Scanner can help you enumerate systems both locally and remotely by scanning for open ports.
  • Sublist3r can help you find subdomains of websites.
  • SQLmap is a penetration-testing tool that can help you identify SQL vulnerabilities.
  • You can find more hacking tools by searching for hacker forums.

Find a path into the system. Once you know which ports are open and which services are running, it's time to search for known exploits. If enumerating a system led you to a list of usernames, you can try using brute force to log in with common passwords or a password cracker. Use your advanced Google search skills to find paths into these vulnerable systems. Ports like FTP (21) and HTTPS (443) are often well protected. Try other TCP and UDP ports that may have been forgotten, such as Telnet and various UDP ports left open for LAN gaming. An open port 22 is usually evidence of an SSH (secure shell) service running on the target, which can sometimes be brute-forced.

Crack the password or authentication process. If your only path into the system is by logging in, you'll need to get a user's password. There are several methods for cracking a password. They include some of the following:
  • Brute Force: A brute force attack simply tries to guess the user's password. Hackers often use tools that rapidly guess different words from a dictionary to try to guess a password. To protect against a brute force attack, avoid using simple words as your password, and make sure your password is at least 10-12 characters long.
  • Social Engineering: For this technique, a hacker will contact a user and trick them into giving out their password. For example, they claim they are from the IT department and tell the user they need their password to fix an issue. They may also go dumpster-diving to look for information or try to gain access to a secure room. That is why you should never give your password to anybody, no matter who they claim to be. Always shred any documents that contain personal information.
  • Phishing: In this technique, a hacker sends a fake email to a user that appears to be from a person or company the user trusts. The email may contain an attachment that installs spyware or a keylogger. It may also contain a link to a false business website (made by the hacker) that looks authentic. The user is then asked to input their personal information, which the hacker then gains access to. To avoid these scams, don't open emails you don't trust. Always check that a website is secure (includes "HTTPS" in the URL). Log in to business sites directly instead of clicking links in email messages.
  • Wi-Fi Spoofing: In this technique, a hacker uses an app on their smartphone to create a fake Wi-Fi access point that anyone in a public location can sign into. Hackers can give it a name that looks like it belongs to the local establishment. People sign into it thinking they are signing into public Wi-Fi. The app then logs all data transmitted over the internet by those signed into it. If they sign into an account using a username and password over an unencrypted connection, the app will store that data and give the hacker access. To avoid becoming a victim of this heist, avoid using public Wi-Fi. If you must use public Wi-Fi, check with the owner of an establishment to make sure you are signing in to the correct internet access point. Check that your connection is encrypted by looking for a padlock in the URL. You can also use a VPN.
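
The password guessing against SSH described in the two steps above leaves a clear trail in the server's authentication log. The following is an added example, not part of the original article: it flags any source address that produces a burst of failed logins and notes when a login succeeds right after the burst. The log lines are constructed samples in OpenSSH's syslog format, and the function name, threshold, window, and year are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH's syslog format (not from a real host).
SAMPLE_LOG = """\
Jan 10 03:12:01 web1 sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Jan 10 03:12:03 web1 sshd[1201]: Failed password for root from 203.0.113.5 port 51240 ssh2
Jan 10 03:12:04 web1 sshd[1203]: Failed password for alice from 198.51.100.7 port 40110 ssh2
Jan 10 03:12:06 web1 sshd[1201]: Failed password for invalid user test from 203.0.113.5 port 51251 ssh2
Jan 10 03:12:09 web1 sshd[1201]: Failed password for root from 203.0.113.5 port 51260 ssh2
Jan 10 03:12:15 web1 sshd[1203]: Accepted password for alice from 198.51.100.7 port 40112 ssh2
Jan 10 03:12:20 web1 sshd[1201]: Accepted password for root from 203.0.113.5 port 51277 ssh2
"""

# Matches password results only; every other sshd message is ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def detect_bruteforce(log_text, threshold=4, window_s=60, year=2024):
    """Return {ip: {"users": set, "compromised": user or None}} for sources with
    at least `threshold` failed logins inside `window_s` seconds.
    Syslog timestamps carry no year, so `year` is an assumed value."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)   # ip -> failure timestamps inside the window
    users = defaultdict(set)      # ip -> usernames it failed against
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        if m["result"] == "Failed":
            q = recent[ip]
            q.append(ts)
            users[ip].add(m["user"])
            while ts - q[0] > window:      # drop failures older than the window
                q.popleft()
            if len(q) >= threshold:
                alerts.setdefault(ip, {"users": users[ip], "compromised": None})
        elif ip in alerts:
            # A success right after a burst of failures is the line to escalate.
            alerts[ip]["compromised"] = m["user"]
    return alerts
```

A single mistyped password followed by a successful login, as with the second address in the sample, stays below the threshold and is not reported.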

Get super-user privileges. Most information that will be of vital interest is protected, and you need a certain level of authentication to get it. To see all the files on a computer, you need super-user privileges: a user account given the same privileges as the "root" user in Linux and BSD operating systems. For routers, this is the "admin" account by default (unless it has been changed); for Windows, this is the Administrator account. There are a few tricks you can use to gain super-user privileges:
  • Buffer Overflow: If you know the memory layout of a system, you can feed it more input than the buffer can store. You can overwrite the code stored in memory with your code and take control of the system. In Unix-like systems, this leads to higher privileges if the buggy software has the setUID bit set in its file permissions, because the program is then executed as a different user (the super-user, for example).
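
Because the step above ties the risk to programs that carry the setUID bit, the matching defensive check is an inventory of those programs compared against a known baseline. The following is an added example, not part of the original article: the function names, the allowlist approach, and the file names in the constructed test tree are all assumptions.

```python
import os
import stat
import tempfile

def find_setuid(root, allowlist=frozenset()):
    """Walk `root` and return sorted (path, owner_uid, loose) tuples for regular
    files that have the setuid bit and are not in `allowlist` (the baseline of
    expected setuid programs). `loose` is True when group or others may write
    to the file, which lets them replace a program that runs as its owner."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # lstat: do not follow symlinks
            except OSError:
                continue                     # vanished or unreadable; skip
            if not stat.S_ISREG(st.st_mode) or not st.st_mode & stat.S_ISUID:
                continue
            if path in allowlist:
                continue
            loose = bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))
            findings.append((path, st.st_uid, loose))
    return sorted(findings)

def demo():
    """Audit a constructed directory tree (no real system paths are touched)."""
    with tempfile.TemporaryDirectory() as root:
        modes = {"passwd-like": 0o4755, "editor": 0o755,
                 "helper": 0o4711, "loose-tool": 0o4777}
        for name, mode in modes.items():
            path = os.path.join(root, name)
            open(path, "w").close()
            os.chmod(path, mode)
        baseline = {os.path.join(root, "passwd-like")}   # expected setuid file
        return [(os.path.basename(p), loose)
                for p, _uid, loose in find_setuid(root, baseline)]

if __name__ == "__main__":
    print(demo())
```

On a real host the entries to review first are those owned by UID 0, since a memory-corruption bug in one of them runs with super-user privileges.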

Create a backdoor. Once you have gained full control over a machine, it's a good idea to make sure you can come back again. To create a backdoor, you need to install a piece of malware on an important system service, such as the SSH server. This will allow you to bypass the standard authentication system. However, your backdoor may be removed during the next system upgrade. An experienced hacker would backdoor the compiler itself, so every compiled software would be a potential way to return.

Cover your tracks. Don't let the administrator know that the system is compromised. Don't make any changes to the website. Don't create more files than you need. Do not create any additional users. Act as quickly as possible. If you patched a server like SSHD, make sure it has your secret password hard-coded. If someone tries to log in with this password, the server should let them in, but it shouldn't contain any crucial information.
