Friday, March 8, 2019

Becoming a hacker or penetration tester


Hi and welcome newbie hackers. A lot of people has asked me "How can I become a hacker". So today I am going to put together a post answering this question for many of you guys out there who do not know how to start. There are a lot of ways to become "a hacker", penetration tester, or security professional, or whatever you want to call it at the end of the day you are using your skill to gain access into a system such as a computer, a software, or hardware so to me its all boiled down to hacking. Different people have different names for hacking because it is related to ethics. For example, Blackhat hackers are the people who hack into systems without permission in order to gain benefit for themselves such as money. Whitehat hackers who are also known as penetration testers are the one who has permission to gain access into a system. Whitehat hackers are also known as "Ethical Hackers". Lastly we have Greyhat hacker who is kind of in between. Greyhat hacker hacks into a system without authorization but they don't do it to steal or gain any benefits from it, they hack simply to either have fun doing it or did it so they can report the flaw.

To learn how to hack you must have the desire to know how something works. For example, if you want to hack into someone's computer you must understand the type of operating system they are running, the application they have installed on their computer and the version of those applications. And to obtain this information you must know how to perform reconnaissance which is the information gathering stage. Information gather is the most important stage during penetration testing because it gives you an idea of how to approach the system. If you have no idea what the system is running or the type of applications it has it will be extremely hard to find out the kind of vulnerabilities it has, and if you don't know the type of vulnerabilities the system has it will be almost impossible to hack it. Another thing you must understand is networking, so if you are new to networking I recommend taking some courses in networking before diving into hacking because without knowing at least what is an IP address, a MAC address, protocol rules, firewall, operating system, port number etc. it is extremely difficult to hack anything.

What hacking is:

It is also extremely important that you know what hacking is. Hacking is using methods, and tools, in order to steal a personal identity and hopefully be able to access whatever it is that you are trying to access that, belongs to that person in which you are trying to hack. Personal identity can include username, password, social security number, pin, account number, etc.

What hacking is not:

Hacking is NOT recovery, and what I mean by that is you cannot use hacking as a way to recover a lost account such as Facebook, Email, etc. Although there are some circumstances where recovery can be used to obtain the password but even that is very difficult these days because there is simply too much verification processes a person must go through in order to obtain the password. But even if the attacker is able to recover the password, he must go through the information gathering stage in order to find out the flaw in the recovery process. You should never use hacking as a way to recover a lost account because a lost account does not have enough information to even begin hacking. For example, if I am trying to get back into my Facebook account and I lost the email, phone number and the password, it is next to IMPOSSIBLE to get it back and I cannot attempt to hack my own account because I do not have the required information. Some people asked me to hack their account and get it back for them and when I ask them for the email they say they don't know it. That is like saying "I want to go back to my country but I don't know where I came from", which makes absolutely no sense.

Five phases of hacking:

There are five phases of hacking which is extremely important to understand for anyone that wants to become a hacker.

  • Reconnaissance
  • Scanning
  • Gaining Access
  • Maintaining Access
  • Covering Tracks
Reconnaissance - This is the primary phase where the Hacker tries to collect as much information as possible about the target. It includes Identifying the Target, finding out the target's IP Address Range, Network, DNS records, etc.

Scanning - It involves taking the information discovered during reconnaissance and using it to examine the network. Tools that a hacker may employ during the scanning phase can include dialers, port scanners, network mappers, sweepers, and vulnerability scanners. Hackers are seeking any information that can help them perpetrate attacks such as computer names, IP addresses, and user accounts.

Gaining Access - After scanning, the hacker designs the blueprint of the network of the target with the help of data collected during Phase 1 and Phase 2. This is the phase where the real hacking takes place. Vulnerabilities discovered during the reconnaissance and scanning phase are now exploited to gain access. The method of connection the hacker uses for an exploit can be a local area network (LAN, either wired or wireless), local access to a PC, the Internet, or offline. Examples include stack-based buffer overflows, denial of service (DoS), and session hijacking. These topics will be discussed in later chapters. Gaining access is known in the hacker world as owning the system.

Maintaining Access - Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.

Covering Tracks - Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action. Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms. Examples of activities during this phase of the attack include steganography, the use of tunneling protocols, and altering log files.

Ask the right question to get the right answer

When seeking help, it is important to ask the right question before you can get the right answer and what I meant by this is some people ask me "How do I hack Facebook" well, you cannot hack Facebook, at least not with available information on the Internet and plus it would not be very smart to attack Facebook directly just to get one person's account besides, Facebook doesn't spend millions of dollars into security so that you can hack it using available information and tools on the Internet. So instead of asking "How do I hack Facebook" try asking "What kind of methods or tools can I use to hack someone's Facebook account".

Now that you have an idea on how to become a hacker you can start from the beginning and pick up some books or course in different technology topics. I recommend starting out with understanding the ins and outs of Microsoft Windows, then move into Linux and Mac. After you understand the foundation of the operating systems and how each work, start studying networking, and the Linux command line. Once you understand Linux command line you can start using Kali to perform simple hacks and move on to the more advanced stuff like scripting and exploit development.


Post a Comment