Flesh

Gap in my knowledge

13 posts in this topic

Okay, so I've been hacking a little while now, but there is a gap in my knowledge, I know that a direct attack would be to maybe portscan, check services, compile an exploit and bang, root. However there is a large part that I always seem to miss in hacking tutorials (or else it isn't there) and that is getting onto a network. Let's say you don't have anything to do with exploits or brute forcing passwords, just network tricks.

So many people say things like 'ARP spoofing!' and 'sniff the network' and all these other things, but how do you get onto the network in the first place? I'm not asking for a step by step guide, but I don't understand how you get onto a network without exploiting ports and services, what would be the medium you use to get there? Sorry if I am not being clear; if there is something you don't understand, just let me know and I'll try explaining further.


Why are you trying to "attack" anything at all? I think you may have missed what we're all about here.


You don't need to be on the host's local network to attack it. Why would you? If you're trying to attack someone on the local network, you don't need to be associated with the network to sniff it (assuming it's wireless or hubbed); google "monitor mode"

Okay, so I've been hacking a little while now, but there is a gap in my knowledge, I know that a direct attack would be to maybe portscan, check services, compile an exploit and bang, root.

Run-on sentence, consider revision. Also, no. It's usually not that simple. The "exploits" you can find on the Internet don't usually do anything meaningful. A computer doesn't have a "bang, root" function. The exploits you see are usually proof of concept exploits, and often have skiddie traps (portions of the code are intentionally broken, you can only fix it if you know how).

However there is a large part that I always seem to miss in hacking tutorials (or else it isn't there) and that is getting onto a network.

"Hacking tutorials" are an utter waste of time. They don't teach anything, they're just some skiddie spouting off on how to do something without actually knowing much of anything themselves, or some well-knowing person trying to explain something so complex in a 2-page article (not possible). Just skip the tutorials, they aren't worth your time.

You've hit the wall. Your curiosity led you down the path to "hacker tutorials," but you've now discovered they're bullshit. You've climbed the first step only to realize there are several thousand more. You're staring up at an endless staircase, and have no idea how to begin climbing. Well here's how you begin.

Hacking is about understanding. If you understand the technology, nothing can limit you, especially not the limitations of any "tutorial." Luckily, this understanding is usually put down on paper by people who really know what they're talking about. Usually in the form of a book (though other documents, RFCs, e-zines, etc certainly shed light on some subjects), this understanding is reading for your consumption.

First, learn a programming language. You need to know how to program. "Hacking" without programming is like navigating a maze of twisty passages all alike without a brass lantern. You're just not going to get anywhere (even if you manage to avoid the grues). A programming language is your trusty brass lantern, you need it! There's much debate over what you should learn, but if low-level understanding is your goal then C is a good choice. And by "learn" I don't mean read some "tutorials" and know how to put together hello world. You really have to know it! Learning the programming language is the "top down" approach.

Second, learn about computers. Continuing the analogy, hacking without knowing how computers work is like fighting the thief without your trusty sword (make sure to leave the egg for him first, only he can open it!). For the most basic understanding, you can start with The Pattern on the Stone. It's a great book, all of 100 pages and a really easy read. There's no excuse not to read it. It's up to you how "low" you want to go, but you should have at least a basic understanding of some of the electrical concepts, logic gates, gate networks, etc. Also related is boolean logic, you'll need to know all about that. Learning the concepts is the "bottom up" approach.

Third, learn assembly language and operating systems. This is vital, and is where the top-down and bottom-up approaches meet. Without this understanding, you still won't really have a clue of how computers and modern operating systems really work. It's also the last brick in a pretty strong foundation of understanding. From here, you should be competent enough to learn the rest on your own and find your own path.

"Hacking" without programming is like navigating a maze of twisty passages all alike without a brass lantern.

That is brilliant.

Way to make me feel old, you bastard. :)

From here, you should be competent enough to learn the rest on your own and find your own path.

Ohm has given you a good place to start.

You are standing in an open field west of a white house, with a boarded front door. Where you go from here is up to you.


Well said. And I like the Zork reference. Those were the days.


I completely agree with Ohm. I have, however, a small addition to make.

I've found hacking to be more of a way of life, a way of thinking. To me, it's about thinking critically and analyzing every situation. Hacking involves much more than the realm of computers, it involves everything around you.

You don't need to be on the host's local network to attack it. Why would you? If you're trying to attack someone on the local network, you don't need to be associated with the network to sniff it (assuming it's wireless or hubbed); google "monitor mode"

This is closer to what I was looking for in terms of an answer.

I appreciate you all trying to set me on the right path, but I was looking for more of an answer. I'll rephrase.

Many of the attacks on a system of any kind are not just to do with finding an open port and a vulnerability on the software of said port, they often include things like ARP spoofing and network sniffing etc. However, in order to do those things you have to be on a network, correct? So how would you get into the network in the first place? Is exploitation or brute forcing the only way an attacker could get in? Or is there any other means they can infiltrate? I'm not learning to hack in order to hack, I'm learning the means in order to improve my knowledge of security. I've been to cracking/hacking forums in order to find out how these things are done; however, I never see this part mentioned.

Thanks in advance

Many of the attacks on a system of any kind are not just to do with finding an open port and a vulnerability on the software of said port, they often include things like ARP spoofing and network sniffing etc. However, in order to do those things you have to be on a network, correct? So how would you get into the network in the first place? Is exploitation or brute forcing the only way an attacker could get in? Or is there any other means they can infiltrate? I'm not learning to hack in order to hack, I'm learning the means in order to improve my knowledge of security. I've been to cracking/hacking forums in order to find out how these things are done; however, I never see this part mentioned.

I see you still don't get it. Hacking is not a finite book of ready solutions to be applied to a certain type of problem. It's constant innovation and search for a solution. You won't improve your knowledge of hacking by knowing more vulnerabilities to exploit just the same way you won't be a better architect if you stare at pieces of concrete for a very long time. Your question only shows that you're aiming way above your head at this moment and you're trying to learn something without learning the basic stuff behind it. You started the wrong way because your idea of hacking is wrong. Even if we continue to reply to every single question you ask, you won't learn anything because you started learning the wrong way and have the wrong attitude. Get your basic stuff straight first and then try to "infiltrate local networks by brute force".

PS It wouldn't hurt to better know the terminology you're using.

Edited by WhatChout

I am by no means up on network hacking... and I'm following the posts so I can learn. I'm no expert... hell, I'm not even an amateur.

But following your posts I wonder:

Are you trying to figure out how someone's private network can be hacked from a remote location? I think something in that network has to be compromised; either a router/gateway or one of the boxes in that network. When I say compromised, I mean somehow, by some means, you get your own code to execute on one of their network machines.

I could be way off though.


I think what you want to find out is how LANs work. You can look up stuff like MAC addresses, Ethernet ARP, packet collisions etc. and then maybe look at TCP/IP, learn how traceroute works, look up the protocols, UDP, ICMP, TCP.

If you keep reading about it all it will stick in the end. I'm not really into hacking, I'd love to be a great white-hat hacker but it's not going to happen for a good few years because I watch too many films when I'm using the computer lol, I don't think I've learned anything for a few years now ;)

Edited by iceni
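The post above points at MAC addresses and Ethernet ARP as the place to start, and the thread keeps coming back to "ARP spoofing" without ever showing what it looks like on the wire. The following is an added example, not code from anyone in this thread: it builds and parses the 28-byte ARP packet from RFC 826 inside an Ethernet frame, then runs a simple poisoning check over a handful of constructed frames. All MAC and IP addresses are made up for the example; the frames are built in-line, not captured from a real network.

```python
"""ARP frame construction, parsing, and a minimal ARP-spoof detector.

Added example for this thread; the frames below are constructed here,
not captured. Addresses are illustrative only.
"""
import struct
from collections import defaultdict

ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def ip_bytes(ip: str) -> bytes:
    return bytes(int(x) for x in ip.split("."))


def ip_str(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip,
              dst_mac="ff:ff:ff:ff:ff:ff"):
    """Return an Ethernet frame carrying one ARP packet (RFC 826 layout)."""
    eth = mac_bytes(dst_mac) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    # htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4, opcode
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_bytes(sender_mac) + ip_bytes(sender_ip)
    arp += mac_bytes(target_mac) + ip_bytes(target_ip)
    return eth + arp


def parse_arp(frame: bytes):
    """Parse an Ethernet+ARP frame; None if it is not IPv4-over-Ethernet ARP."""
    if len(frame) < 14 + 28:
        return None
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    body = frame[22:42]
    return {
        "op": op,
        "sender_mac": mac_str(body[0:6]),
        "sender_ip": ip_str(body[6:10]),
        "target_mac": mac_str(body[10:16]),
        "target_ip": ip_str(body[16:20]),
    }


def detect_arp_spoofing(frames):
    """Return {ip: [macs]} for IPs claimed by more than one MAC in ARP replies.

    A poisoning attacker answers for the gateway's IP with its own MAC, so the
    same IP ends up bound to two hardware addresses. Nothing in ARP stops a
    host from answering for an address it does not own; that is the whole trick.
    """
    claims = defaultdict(set)
    for f in frames:
        p = parse_arp(f)
        if p is None or p["op"] != ARP_REPLY:
            continue
        claims[p["sender_ip"]].add(p["sender_mac"])
    return {ip: sorted(macs) for ip, macs in claims.items() if len(macs) > 1}


# Constructed traffic: a request, the real gateway's reply, then a second reply
# from a different MAC claiming the gateway's IP. All addresses are made up.
GATEWAY_IP = "192.168.1.1"
GATEWAY_MAC = "00:11:22:33:44:01"
ATTACKER_MAC = "de:ad:be:ef:00:01"
VICTIM_MAC = "00:11:22:33:44:99"
VICTIM_IP = "192.168.1.50"

SAMPLE_FRAMES = [
    build_arp(ARP_REQUEST, VICTIM_MAC, VICTIM_IP, "00:00:00:00:00:00", GATEWAY_IP),
    build_arp(ARP_REPLY, GATEWAY_MAC, GATEWAY_IP, VICTIM_MAC, VICTIM_IP, dst_mac=VICTIM_MAC),
    build_arp(ARP_REPLY, ATTACKER_MAC, GATEWAY_IP, VICTIM_MAC, VICTIM_IP, dst_mac=VICTIM_MAC),
    b"\x00" * 60,  # not ARP at all; must be ignored
]

if __name__ == "__main__":
    for f in SAMPLE_FRAMES:
        print(parse_arp(f))
    print(detect_arp_spoofing(SAMPLE_FRAMES))
```

The detector is deliberately naive (a DHCP lease change legitimately moves an IP to a new MAC), but it shows the thing the thread never states outright: an ARP reply carries no authentication, so being on the segment is the only requirement for poisoning it.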

Because you're attacking the 'network' and not the 'host' or 'service' behind a 'port' you may want to think about the fact that networks are supported by network devices such as routers, switches, firewalls, NAC solutions, etc.

Network devices generally use protocols like SNMP, OSPF, HSRP, RIP, CDP, STP, ICMP, BGP, and I'm sure there are plenty that I'm forgetting. These protocols all have RFCs, or "Requests For Comment", that dictate the specifications for communication using these protocols.

Most of the time, network vulnerabilities (as opposed to server or software based vulnerabilities) are a result of misconfigured network devices or design flaws in the protocol handlers. When unauthenticated instructions can be sent to a network device, sometimes the network device does what it's told. This can cause all sorts of things; for example, if you find a BGP abuse, then you can specify another router as the border gateway.

Hope this helps.


Thanks for the replies, they have been very useful to me. So much so that I'm going to copy and paste them into Kedit and keep them to refer back to. :)

It's good when I get terms thrown at me that I don't understand because it means I can do a lot of Google research and then start making the connections between terms, and eventually I end up with a web of knowledge which connects to other things and so on, like a big mind map. Thanks for all the replies, very helpful.
