Days 57 - 77

Project Web Security and Ethical Hacking: Learning the basic tools of Kali Linux

Learning the basics of Kali Linux, a useful hacking toolset.

Refreshing network basics

Before I dived into this project, I had already learned about networking.

  1. Practising Nmap, GoBuster, Nikto, Burp Suite, Metasploit, etc. with CTF challenges on TryHackMe.com
  2. Refreshing networking basics (requests/responses, cookies, tokens, ...)
  3. Learning about other effective hacking methods like social engineering and OSINT research

Web security is becoming more and more important. Especially during the COVID-19 pandemic, you saw a trend among criminals to shift their activities from the real world to the Internet. Therefore, being able to identify risks and prevent potential damage is a valuable tool.

What resources did I use to achieve my goal of learning web security and ethical hacking?

TryHackMe.com offers you a web-based VM that runs Kali Linux to practise challenges.

Stanford University released the entire course “Web Security CS 253” on YouTube.

John Hammond is a security engineer publishing CTF (Capture the flag) challenges on YouTube.

While researching what resources I should choose, I stumbled upon a Stanford web security course, which I highly recommend watching if you want to learn more about networking, ethical hacking and cyber security.

Learning only the theory might sound great but won’t get you far. For practice, I decided to register on TryHackMe.com, which is a playground for hackers to learn basic Kali Linux tools. You also get taught a ton of networking-related subjects and other disciplines such as reverse engineering, malware analysis and also forensic computer science.

Then there is John Hammond, whom I took as my mentor; he explains different Kali Linux tools to me while he himself hacks a machine. When you see a professional hacker penetrating a PC, you get a notion of what other hackers out there in the world are doing when you hear about another hacking attack in the news.

So let’s get started.

First Days: Learning how attackers scan targets with the help of the tool Nmap

My first CTFs (capture the flag)

A capture the flag game (CTF) is simply a challenge in which you are given the IP of a target machine, meaning a regular PC. Your goal is to take over this machine with the help of the Kali Linux library to gain root access. Meanwhile, there are different files hidden within the target PC that have a numerical value that you have to capture and submit at the end of each run.

Through this practice, I familiarized myself with the scanning tool Nmap and the hidden directory finders GoBuster + Nikto.

Learning more Kali Linux tools

In the next steps I would go along and practise more tools like

  • Metasploit, which automates finding exploits on target machines

  • Hydra, which is a tool to brute-force passwords with a list

  • sqlmap, which lets you perform injections

  • I learned to set up a common phishing attack

  • How to find hidden directories on a website like the admin login

  • Cracking WPA 2 protected Wi-Fi routers with Airmon / Aircrack

Kali Linux - Metasploit

Kali Linux - Hydra

Why would a hacker spend their time learning how to google something?

You would think that such a trivial thing as googling would not be a topic to learn in more depth, but TryHackMe.com and some security engineers proved me wrong. In fact, Google.com is so important to hackers that they spend almost half of their time googling for Bash commands, reading the documentation of various new hacking tools, or gathering information.

Have you ever noticed how many results you get when you type something into Google and look only at page 1? With Google operators you are able to reduce millions of search results to only 500 Google entries.

Learning to use Google operators

OSINT - Open Source Intelligence

Learning more real life scenarios

In the news I heard about the first death related to a cyber attack on the very same campus where I once studied. After doing some research I found out that the attacker used a technique called “creating a backdoor”. So I went on to start creating my first backdoor myself.

Creating backdoors

Hacking a password locked MacBook

The most dangerous hacking technique

Machines can be really sophisticated when it comes to protecting your network or identifying a virus within your system. But what about the human? Many security engineers agree that the weakest link to get access into a secure network is in fact the human mind.

What do I mean by that? When the lock that you want to penetrate is so sophisticated, why should you waste your time learning all the mechanisms when you can manipulate a human to open the lock for you? This is the very basic idea behind social engineering, and this technique is in fact responsible for the biggest hacks out there (e.g. the 2020 Twitter hack).

Social engineering is highly unethical but once you understand how the human mind works and why people change their password from “SomeName1234” to “SomeName54321” and feel secure at the same time, you will obtain a powerful tool for hacking systems.

Refreshing some networking and cryptography topics

Before diving into topics like Kali Linux, I strongly recommend that you first learn about network-related topics. Getting the basics right, such as what cookies are and how they work, learning the OSI model, knowing your ports on a firewall, etc. are really important for web security and ethical hacking. If you want to learn the basics of networking, I’ve collected some useful links in my link tree on Instagram.

How would you perform a DNS poisoning attack when you have no idea what a Domain Name System is in the first place? 

In the following two posts, I covered the topic of DNS servers and the cryptography-related topic of password hashing in more depth.

Progress
Smaller steps towards the goal 100%

Personal comment on the project "Ethical hacking"

I’m nowhere near calling myself a hacker. Becoming a hacker takes time and that wasn’t my goal either. With this project I just wanted to learn the basics of Kali Linux. So if you asked me to hack a modern, well-protected PC which has the latest updates installed and a sophisticated, active firewall, I would most likely fail to do so. I only hacked systems that were poorly secured, websites that still had HTTP as a protocol or old operating systems like Windows 7.

The topic of hacking is so interrelated with so many computer science topics such as networking, cryptography, hardware, operating systems, programming languages, algorithms, etc. that it takes years to become a professional in this field. Even top-tier security engineers still have to learn new things.

At the end I have to leave this project with an optimistic thought. Doing CTFs and penetrating systems was quite fun and really helpful for understanding common hacking attacks. In order to protect a system well enough, you have to take the viewpoint of the attacker's side. Of course there are always new modules and mechanisms to learn about, but I feel like I have understood the very fundamentals, which is a good starting point to keep getting better at hacking.

I’m currently in the top 400 hackers on TryHackMe.com.
