Hacking 101

by mohammed

What am I not covering?

What am I covering

• Definition of hacking
• What is a hacker and the types of hackers
• Anonymity vs infiltration
• Usecases

uhhhhh

• No one hacks a single computer.
• No one makes is obvious they're hacking.
• Hacking is extremely time-consuming.

Why am I covering this?

What is hacking?

us: exploratory programming

• Analysis and exploration
• Prototyping/proof of concept
• Quick coding

What is hacking?

them: security hacker; breaching electronic systems by exploiting computer weaknesses

• Breaking into a system
• Crack a password
• Detect weaknesses

What is hacking?

me: clever use of computer science to manipulate a logical system into doing something unintended.

Types of hackers

• White hat
• Black hat
• Grey hat

Mission

Should you choose to accept

So let's say you are tasked with a mission. Should you choose to accept. You're job is to break into a super secure building and steal the super secret thing that pivotal to the plot. If you were the thief, how would you go about it? Let's do this in simple movie fashion for the sake of simplicity. Well first thing, we need an alias to burn. Perfect, there's a guy for that. There always is. Then you'd need the blueprints. Gotta figure out the lay of the land. What's your plan? Well it's simple. First, you find an inside man with access and steal his credentials for access. Next you create a diversion. You phone in a bomb threat, doing all that phone routing voodoo to make sure it's untraceable. The building empties out. Perfect. Now you break in, steal the thing. But now what? You're getaway! Exactly. You're job is to make it out with the crowd, so you ditch the super secret spy clothes for a normal suit. The thing though. That needs a different route out. You hire some goons (cash). They pick up the package, and drive around town swapping cars every so often to avoid being found, and finally drop the goods off at a designated location. You pay them, burn your alias and skip town. Boom, stolen goods.

Tools of the trade

Anonymity & Infiltration

Anonymity

Why Linux

• Open source
• Small footprint
• More secure
• Powerful CLI
• Lightweight and portable
• Friendlier network options

Anonymity

Proxy chain

Proxy: Middle man. Requests information your behalf and parrots it back to you.

Tor & VPN

Tor

Similar to proxies, except far more advanced and secure. It encrypts all information including packet headers and sends information randomly from node to node. Each node then decrypts only the information that it needs to know where the packet came from and where it's going. Then reencrypts and sends it along.

Tor & VPN

VPN

Is a tunnel through a private server that all internet traffic travels through.

Anonymity

macchanger

Media Access Control (MAC) Address. A unique identifier given to each device connected to a computer.

6C:70:9F:81:A7:C2

Tools of the trade

Anonymity & Infiltration

Infiltration

Footprinting and nmap

Gathering information about a computer system and all devices and systems that it can connect to.

Infiltration

DOS/DDOS and Signal Jamming

Denial of Service (DOS) or Distributed Denial of Service (DDOS) is a technique of overloading a system by issuing a flurry of requests.

Infiltration

Reverse shell

Remote Access Tool (RAT), forces a target machine to connect to you.

Infiltration

Rainbow tables

Why does all of this matter?

Usecases

DOS-ing networks

Backdoors

Phishing and ransomware